CVE-2025-39768Reachable Assertion in Linux

CWE-617Reachable Assertion5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 99.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 11

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix complex rules rehash error flow Moving rules from matcher to matcher should not fail. However, if it does fail due to various reasons, the error flow should allow the kernel to continue functioning (albeit with broken steering rules) instead of going into series of soft lock-ups or some other problematic behaviour. Similar to the simple rules, complex rules rehash logic suffers from the same problems. This

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel6.166.16.4+1
Debianlinux/linux_kernel< 6.16.5-1
CVEListV5linux/linux17e0accac577fd6ea2090934d71a8c6f36702a2637d54bc28d092bc3b314da45d730f00e9d86ec2a+2
debiandebian/linux< linux 6.16.5-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-9vj3-c3f5-qhqx: In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix complex rules rehash error flow Moving rules from matcher to2025-09-11
OSV
CVE-2025-39768: In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix complex rules rehash error flow Moving rules from matcher to ma2025-09-11

📋Vendor Advisories

2
Red Hat
kernel: net/mlx5: HWS, fix complex rules rehash error flow2025-09-11
Debian
CVE-2025-39768: linux - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: H...2025
CVE-2025-39768 — Reachable Assertion in Linux | cvebase