Detections
Analytics

CVE-2025-37790

medium

Description

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCK_RCU_FREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup.

References

https://git.kernel.org/stable/c/e3b5edbdb45924a7d4206d13868a2aac71f1e53d

https://git.kernel.org/stable/c/b9764ebebb007249fb733a131b6110ff333b6616

https://git.kernel.org/stable/c/a8a3b61ce140e2b0a72a779e8d70f60c0cf1e47a

https://git.kernel.org/stable/c/5c1313b93c8c2e3904a48aa88e2fa1db28c607ae

https://git.kernel.org/stable/c/52024cd6ec71a6ca934d0cc12452bd8d49850679

https://git.kernel.org/stable/c/3f899bd6dd56ddc46509b526e23a8f0a97712a6d

Details

Source: Mitre, NVD

Published: 2025-05-01

Updated: 2025-05-02

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024