Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-37879
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-09 May, 2025 | 06:45
Updated At-02 Jan, 2026 | 15:29
Rejected At-
▼CVE Numbering Authority (CNA)
9p/net: fix improper handling of bogus negative read/write replies

In the Linux kernel, the following vulnerability has been resolved: 9p/net: fix improper handling of bogus negative read/write replies In p9_client_write() and p9_client_read_once(), if the server incorrectly replies with success but a negative write/read count then we would consider written (negative) <= rsize (positive) because both variables were signed. Make variables unsigned to avoid this problem. The reproducer linked below now fails with the following error instead of a null pointer deref: 9pnet: bogus RWRITE count (4294967295 > 3)

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/9p/client.c
Default Status
unaffected
Versions
Affected
  • From 070b3656cf228eaaef7b28b59264c5c7cdbdd0fb before 468ff4a7c61fb811c596a7c44b6a5455e40fd12b (git)
  • From 070b3656cf228eaaef7b28b59264c5c7cdbdd0fb before a68768e280b7d0c967ea509e791bb9b90adc94a5 (git)
  • From 070b3656cf228eaaef7b28b59264c5c7cdbdd0fb before c548f95688e2b5ae0e2ae43d53cf717156c7d034 (git)
  • From 070b3656cf228eaaef7b28b59264c5c7cdbdd0fb before 374e4cd75617c8c2552f562f39dd989583f5c330 (git)
  • From 070b3656cf228eaaef7b28b59264c5c7cdbdd0fb before d0259a856afca31d699b706ed5e2adf11086c73b (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/9p/client.c
Default Status
affected
Versions
Affected
  • 4.1
Unaffected
  • From 0 before 4.1 (semver)
  • From 6.1.136 through 6.1.* (semver)
  • From 6.6.89 through 6.6.* (semver)
  • From 6.12.26 through 6.12.* (semver)
  • From 6.14.5 through 6.14.* (semver)
  • From 6.15 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/468ff4a7c61fb811c596a7c44b6a5455e40fd12b
N/A
https://git.kernel.org/stable/c/a68768e280b7d0c967ea509e791bb9b90adc94a5
N/A
https://git.kernel.org/stable/c/c548f95688e2b5ae0e2ae43d53cf717156c7d034
N/A
https://git.kernel.org/stable/c/374e4cd75617c8c2552f562f39dd989583f5c330
N/A
https://git.kernel.org/stable/c/d0259a856afca31d699b706ed5e2adf11086c73b
N/A
Hyperlink: https://git.kernel.org/stable/c/468ff4a7c61fb811c596a7c44b6a5455e40fd12b
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a68768e280b7d0c967ea509e791bb9b90adc94a5
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/c548f95688e2b5ae0e2ae43d53cf717156c7d034
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/374e4cd75617c8c2552f562f39dd989583f5c330
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/d0259a856afca31d699b706ed5e2adf11086c73b
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
Resource: N/A
Details not found