PT-2025-36297 · Linux+4 · Linux Kernel+4
Syzkaller · Published 2025-01-01 · Updated 2026-05-26 · CVE-2025-39703
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.15.0 #12
Description
A flaw exists in the Linux kernel's handling of High-Speed Resilient (HSR) frames. Receiving an HSR frame whose skb (socket buffer) does not have enough space to hold the HSR tag can crash the kernel, specifically with a kernel BUG triggered by an invalid opcode. The crash results from unintended transformations that the HSR layer applies to the skb when it processes a corrupted HSR frame with an incomplete tag. The reproducer uses AF_PACKET, but the vulnerability could potentially be triggered by frames received over a network.
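The length check that the description implies, as an added user-space illustration; it is not the kernel's code or the upstream fix. It assumes an untagged 14-byte Ethernet header, EtherType 0x892F for HSR, and a 6-byte tag laid out as a 4-bit path plus 12-bit LSDU size, a sequence number and an encapsulated protocol; `hsr_parse` and the other names are hypothetical, and the frames are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ETH_HDR_LEN   14      /* dst MAC, src MAC, EtherType (no VLAN tag) */
#define HSR_TAG_LEN   6       /* path/LSDU size, sequence nr, encapsulated proto */
#define ETHERTYPE_HSR 0x892F

enum hsr_verdict { HSR_TRUNCATED = -1, HSR_NOT_HSR = 0, HSR_OK = 1 };
struct hsr_info { uint8_t path; uint16_t lsdu_size, seq, encap_proto; };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Check every length before reading a tag byte; *out is written only on HSR_OK. */
enum hsr_verdict hsr_parse(const uint8_t *frame, size_t len, struct hsr_info *out)
{
    if (len < ETH_HDR_LEN)
        return HSR_TRUNCATED;            /* no complete Ethernet header */
    if (be16(frame + 12) != ETHERTYPE_HSR)
        return HSR_NOT_HSR;
    if (len - ETH_HDR_LEN < HSR_TAG_LEN)
        return HSR_TRUNCATED;            /* HSR EtherType but incomplete tag */
    const uint8_t *tag = frame + ETH_HDR_LEN;
    out->path        = (uint8_t)(be16(tag) >> 12);
    out->lsdu_size   = be16(tag) & 0x0FFF;
    out->seq         = be16(tag + 2);
    out->encap_proto = be16(tag + 4);
    return HSR_OK;
}

/* Constructed sample frames (not captured traffic). */
static const uint8_t hsr_good[] = {
    0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0x00,0x00,0x00,0x00,0x01, 0x89,0x2f,
    0x10,0x34, 0x00,0x2a, 0x08,0x00, 0xde,0xad };
static const uint8_t hsr_short[] = {    /* tag cut off after 2 of 6 bytes */
    0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0x00,0x00,0x00,0x00,0x01, 0x89,0x2f,
    0x10,0x34 };
static const uint8_t plain_ipv4[] = {
    0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0x00,0x00,0x00,0x00,0x01, 0x08,0x00,
    0x45,0x00 };

int main(void)
{
    struct hsr_info i = {0};
    printf("good:  %d\n", hsr_parse(hsr_good, sizeof hsr_good, &i));
    printf("short: %d\n", hsr_parse(hsr_short, sizeof hsr_short, &i));
    printf("ipv4:  %d\n", hsr_parse(plain_ipv4, sizeof plain_ipv4, &i));
    return 0;
}
```

A receiver or monitoring tool that counts `HSR_TRUNCATED` verdicts on frames carrying the HSR EtherType gets a direct signal for the malformed input this entry describes.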
Recommendations
Update to a version newer than 6.15.0 #12 to resolve this issue.
Exploit
Fix
NULL Pointer Dereference
Related Identifiers
Affected Products
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu