CVE-2025-39682 — Linux vulnerability
23 documents, 8 sources
Severity
7.1 HIGH (NVD)
EPSS
0.0%
top 99.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Sep 5
Latest update: Mar 1
Description
In the Linux kernel, the following vulnerability has been resolved:
tls: fix handling of zero-length records on the rx_list
Each recvmsg() call must process either
- only contiguous DATA records (any number of them)
- one non-DATA record
If the next record has different type than what has already been
processed we break out of the main processing loop. If the record
has already been decrypted (which may be the case for TLS 1.3 where
we don't know type until decryption) we queue the pending re…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Exploitability: 1.8 | Impact: 5.2
Affected Packages (3 packages)
CVEListV5: linux/linux, 84c61fe1a75b4255df1e1e7c054c9e6d048da417 — 2902c3ebcca52ca845c03182000e8d71d3a5196f (+5)
Also affects: Debian Linux 11.0
Patches
Vulnerability Details (4)
OSV
CVE-2025-39682: In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list Each recvmsg() call must p… (2025-09-05)
GHSA
GHSA-v2pf-75pf-9c5h: In the Linux kernel, the following vulnerability has been resolved:
tls: fix handling of zero-length records on the rx_list
Each recvmsg() call must… (2025-09-05)