SB2025090880 - Input validation error in Linux kernel hsr
Published: September 8, 2025
Security Bulletin ID
SB2025090880
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-39703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hsr_handle_frame() function in net/hsr/hsr_slave.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3ae272ab523dd6bdc26e879027ed79feac9dd1b3
- https://git.kernel.org/stable/c/61009439e4bd8d74e705ee15940760321be91d8a
- https://git.kernel.org/stable/c/7af76e9d18a9fd6f8611b3313c86c190f9b6a5a7
- https://git.kernel.org/stable/c/8d9bc4a375a1ba05f7dfa0407de8e510ab9bd14d
- https://git.kernel.org/stable/c/acd69b597bd3f76d3b3d322b84082226c00eeaa4
- https://git.kernel.org/stable/c/b117c41b00902c1a7e24347c405cb82504aeae0b
- https://git.kernel.org/stable/c/b640188b8a6690e685939053c7efdbc7818b5f4e