PT-2026-2517 · Unknown+3 · Openvswitch+3

Published

2025-12-04

·

Updated

2026-05-11

·

CVE-2025-68785

CVSS v2.0

5.5

Medium

VectorAV:L/AC:H/Au:S/C:C/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw within the Open vSwitch component related to insufficient validation of attributes in the push nsh() action. Specifically, the code does not adequately verify the size or type of an intermediate attribute during nested attribute processing. This can lead to an invalid memory access, potentially causing a kernel crash. The issue arises from a double unwrap of attributes without proper size checking, which can trigger a slab-out-of-bounds error during action execution. The vulnerability is triggered when processing NSH headers and may occur during action execution due to an incorrectly sized netlink buffer.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Weakness Enumeration

CWE-125

Related Identifiers

AZL-74336
BDU:2026-00889
CVE-2025-68785
ECHO-5D02-3577-FF7B
MGASA-2026-0017
MGASA-2026-0018
OESA-2026-1566
OESA-2026-1567
OESA-2026-1570
OPENSUSE-SU-2026:20416-1
SUSE-SU-2026:0962-1
SUSE-SU-2026:1081-1
SUSE-SU-2026:20667-1
SUSE-SU-2026:20720-1
SUSE-SU-2026:20838-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
SUSE-SU-2026:20931-1
SUSE-SU-2026:21284-1
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8116-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8177-1
USN-8177-2
USN-8179-1
USN-8179-2
USN-8179-3
USN-8179-4
USN-8183-1
USN-8183-2
USN-8184-1
USN-8185-1
USN-8185-2
USN-8203-1
USN-8204-1
USN-8243-1
USN-8245-1
USN-8257-1
USN-8258-1
USN-8260-1
USN-8261-1
USN-8265-1

Affected Products

Linuxmint
Linux Kernel
Openvswitch
Ubuntu