{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-37790","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T04:51:23.940Z","datePublished":"2025-05-01T13:07:23.416Z","dateUpdated":"2026-05-11T21:15:13.623Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:15:13.623Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn't go away in\nthe middle of a lookup."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/mctp/af_mctp.c"],"versions":[{"version":"833ef3b91de692ef33b800bca6b1569c39dece74","lessThan":"5c1313b93c8c2e3904a48aa88e2fa1db28c607ae","status":"affected","versionType":"git"},{"version":"833ef3b91de692ef33b800bca6b1569c39dece74","lessThan":"b9764ebebb007249fb733a131b6110ff333b6616","status":"affected","versionType":"git"},{"version":"833ef3b91de692ef33b800bca6b1569c39dece74","lessThan":"a8a3b61ce140e2b0a72a779e8d70f60c0cf1e47a","status":"affected","versionType":"git"},{"version":"833ef3b91de692ef33b800bca6b1569c39dece74","lessThan":"3f899bd6dd56ddc46509b526e23a8f0a97712a6d","status":"affected","versionType":"git"},{"version":"833ef3b91de692ef33b800bca6b1569c39dece74","lessThan":"e3b5edbdb45924a7d4206d13868a2aac71f1e53d","status":"affected","versionType":"git"},{"version":"833ef3b91de692ef33b800bca6b1569c39dece74","lessThan":"52024cd6ec71a6ca934d0cc12452bd8d49850679","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/mctp/af_mctp.c"],"versions":[{"version":"5.15","status":"affected"},{"version":"0","lessThan":"5.15","status":"unaffected","versionType":"semver"},{"version":"5.15.181","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.135","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.88","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.25","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.14.4","lessThanOrEqual":"6.14.*","status":"unaffected","versionType":"semver"},{"version":"6.15","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.15.181"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.1.135"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.6.88"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.12.25"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.14.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.15"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5c1313b93c8c2e3904a48aa88e2fa1db28c607ae"},{"url":"https://git.kernel.org/stable/c/b9764ebebb007249fb733a131b6110ff333b6616"},{"url":"https://git.kernel.org/stable/c/a8a3b61ce140e2b0a72a779e8d70f60c0cf1e47a"},{"url":"https://git.kernel.org/stable/c/3f899bd6dd56ddc46509b526e23a8f0a97712a6d"},{"url":"https://git.kernel.org/stable/c/e3b5edbdb45924a7d4206d13868a2aac71f1e53d"},{"url":"https://git.kernel.org/stable/c/52024cd6ec71a6ca934d0cc12452bd8d49850679"}],"title":"net: mctp: Set SOCK_RCU_FREE","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:55:16.190Z"}}]}}