CVE-2025-37790

high

Description

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCK_RCU_FREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup.

References

https://git.kernel.org/stable/c/e3b5edbdb45924a7d4206d13868a2aac71f1e53d

https://git.kernel.org/stable/c/b9764ebebb007249fb733a131b6110ff333b6616

https://git.kernel.org/stable/c/a8a3b61ce140e2b0a72a779e8d70f60c0cf1e47a

https://git.kernel.org/stable/c/5c1313b93c8c2e3904a48aa88e2fa1db28c607ae

https://git.kernel.org/stable/c/52024cd6ec71a6ca934d0cc12452bd8d49850679

https://git.kernel.org/stable/c/3f899bd6dd56ddc46509b526e23a8f0a97712a6d

Details

Source: Mitre, NVD

Published: 2025-05-01

Updated: 2025-05-02

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00024

Detections

Analytics