{"vulnerability": "cve-2025-3779", "sightings": [{"uuid": "d63cd364-a419-454c-a1d7-c2a1056cfb20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37797", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo73vornkrk2", "content": "", "creation_timestamp": "2025-05-02T15:58:57.737313Z"}, {"uuid": "6e6cdb82-c2f0-4799-b415-ab5150a5c1ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37798", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lo73wlmc5dt2", "content": "", "creation_timestamp": "2025-05-02T15:58:59.987729Z"}, {"uuid": "8570bc51-2606-44b9-a543-769e65041c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37798", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7frfth3s2h", "content": "", "creation_timestamp": "2025-05-02T18:01:00.719019Z"}, {"uuid": "d1a0201b-7d40-4f10-96c8-47c0e50bc45a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37797", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7frg2lug2r", "content": "", "creation_timestamp": "2025-05-02T18:01:01.931122Z"}, {"uuid": "b3230639-28b0-48a3-9304-383e22ec51ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3779", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loafnnmijkc2", "content": "", "creation_timestamp": "2025-05-03T03:33:27.064156Z"}, {"uuid": "a668dc36-af98-4c45-b6e5-c1ea0c1ef182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37790", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14453", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37790\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn't go away in\nthe middle of a lookup.\n\ud83d\udccf Published: 2025-05-01T13:07:23.416Z\n\ud83d\udccf Modified: 2025-05-02T06:16:30.506Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/5c1313b93c8c2e3904a48aa88e2fa1db28c607ae\n2. https://git.kernel.org/stable/c/b9764ebebb007249fb733a131b6110ff333b6616\n3. https://git.kernel.org/stable/c/a8a3b61ce140e2b0a72a779e8d70f60c0cf1e47a\n4. https://git.kernel.org/stable/c/3f899bd6dd56ddc46509b526e23a8f0a97712a6d\n5. https://git.kernel.org/stable/c/e3b5edbdb45924a7d4206d13868a2aac71f1e53d\n6. https://git.kernel.org/stable/c/52024cd6ec71a6ca934d0cc12452bd8d49850679", "creation_timestamp": "2025-05-02T07:16:22.000000Z"}, {"uuid": "1e2b8e6d-1cb2-4c66-ae8c-6557382357c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37792", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14452", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37792\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file.  However, if it loaded\na zero length file then the error code is not set correctly.  It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference.  This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to 'ERR_PTR'\n\ud83d\udccf Published: 2025-05-01T13:07:24.882Z\n\ud83d\udccf Modified: 2025-05-02T06:16:31.893Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/c3e9717276affe59fd8213706db021b493e81e34\n2. https://git.kernel.org/stable/c/73dc99c0ea94abd22379b2d82cacbc73f3e18ec1\n3. https://git.kernel.org/stable/c/2d7c60c2a38b4b461fa960ad0995136a6bfe0756\n4. https://git.kernel.org/stable/c/d8441818690d795232331bd8358545c5c95b6b72\n5. https://git.kernel.org/stable/c/3db6605043b50c8bb768547b23e0222f67ceef3e\n6. https://git.kernel.org/stable/c/aaf356f872a60db1e96fb762a62c4607fd22741f\n7. https://git.kernel.org/stable/c/53ceef799dcfc22c734d600811bfc9dd32eaea0a\n8. https://git.kernel.org/stable/c/324dddea321078a6eeb535c2bff5257be74c9799", "creation_timestamp": "2025-05-02T07:16:21.000000Z"}, {"uuid": "6c2c655d-a77e-4594-ac54-5e68c39ef9d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3779", "type": "seen", "source": "https://t.me/cvedetector/24393", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3779 - WordPress Personizely Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-3779 \nPublished : May 3, 2025, 3:15 a.m. | 27\u00a0minutes ago \nDescription : The Personizely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018widgetId\u2019 parameter in all versions up to, and including, 0.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-03T06:10:26.000000Z"}, {"uuid": "87f13de0-3ded-4160-bfaa-d16376cedfc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37799", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lohweq5r2c2h", "content": "", "creation_timestamp": "2025-05-06T03:19:28.033925Z"}, {"uuid": "11e1b2de-98a3-4ec3-b32f-0f8b53864216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37797", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvl7sdcczs2i", "content": "", "creation_timestamp": "2025-08-04T12:42:29.208610Z"}, {"uuid": "2381081d-aabe-49f2-b107-06d9ab094978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37797", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvlahnw5xk2i", "content": "", "creation_timestamp": "2025-08-04T12:54:24.363198Z"}, {"uuid": "7d3a35a8-ed63-47ee-b6ff-16d4f604d911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37797", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvlzyzuggs23", "content": "", "creation_timestamp": "2025-08-04T20:31:32.715376Z"}, {"uuid": "70789968-da52-4195-ac70-24b0f2c9441e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37796", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14451", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37796\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.\n\ud83d\udccf Published: 2025-05-01T13:07:27.694Z\n\ud83d\udccf Modified: 2025-05-02T06:16:35.629Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/c731cdfddcf1be1590d5ba8c9b508f98e3a2b3d6\n2. https://git.kernel.org/stable/c/6e4ab3e574c2a335b40fa1f70d1c54fcb58ab33f\n3. https://git.kernel.org/stable/c/3c619aec1f538333b56746d2f796aab1bca5c9a5\n4. https://git.kernel.org/stable/c/5e7df74745700f059dc117a620e566964a2e8f2c\n5. https://git.kernel.org/stable/c/7ca513631fa6ad3011b8b9197cdde0f351103704\n6. https://git.kernel.org/stable/c/a9682bfef2cf3802515a902e964d774e137be1b9\n7. https://git.kernel.org/stable/c/152721cbae42713ecfbca6847e0f102ee6b19546\n8. https://git.kernel.org/stable/c/27c7e63b3cb1a20bb78ed4a36c561ea4579fd7da", "creation_timestamp": "2025-05-02T07:16:20.000000Z"}, {"uuid": "94889b48-b84b-4734-afb4-a1ec705817fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37799", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lobd5iffbx52", "content": "", "creation_timestamp": "2025-05-03T12:58:04.535306Z"}, {"uuid": "cb7a5107-62f8-4166-8b46-b38dc4c6672f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37799", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lobejp6emaq2", "content": "", "creation_timestamp": "2025-05-03T12:58:59.185003Z"}, {"uuid": "0c54f582-5ab6-4895-b272-349417dc3fea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37799", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lobj433suj2h", "content": "", "creation_timestamp": "2025-05-03T14:05:58.563769Z"}, {"uuid": "f63e8b55-502a-406b-b5ea-be6fe1426e0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37797", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvdxbpv56k2f", "content": "", "creation_timestamp": "2025-08-01T15:21:23.639601Z"}, {"uuid": "126cf966-3b18-4c55-94a1-0c00621fc6a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37797", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvnqtihptc2f", "content": "", "creation_timestamp": "2025-08-05T12:52:41.617140Z"}, {"uuid": "a88eb9b7-95c0-4c98-816c-da99d48b95e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37799", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14693", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37799\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp\n\nvmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that\nis, packet sizes between 128 - 3k bytes).\n\nWe noticed MTU-related connectivity issues with Cilium's service load-\nbalancing in case of vmxnet3 as NIC underneath. A simple curl to a HTTP\nbackend service where the XDP LB was doing IPIP encap led to overly large\npacket sizes but only for *some* of the packets (e.g. HTTP GET request)\nwhile others (e.g. the prior TCP 3WHS) looked completely fine on the wire.\n\nIn fact, the pcap recording on the backend node actually revealed that the\nnode with the XDP LB was leaking uninitialized kernel data onto the wire\nfor the affected packets, for example, while the packets should have been\n152 bytes their actual size was 1482 bytes, so the remainder after 152 bytes\nwas padded with whatever other data was in that page at the time (e.g. we\nsaw user/payload data from prior processed packets).\n\nWe only noticed this through an MTU issue, e.g. when the XDP LB node and\nthe backend node both had the same MTU (e.g. 1500) then the curl request\ngot dropped on the backend node's NIC given the packet was too large even\nthough the IPIP-encapped packet normally would never even come close to\nthe MTU limit. Lowering the MTU on the XDP LB (e.g. 1480) allowed to let\nthe curl request succeed (which also indicates that the kernel ignored the\npadding, and thus the issue wasn't very user-visible).\n\nCommit e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") was too eager\nto also switch xdp_prepare_buff() from rcd->len to rbi->len. It really needs\nto stick to rcd->len which is the actual packet length from the descriptor.\nThe latter we also feed into vmxnet3_process_xdp_small(), by the way, and\nit indicates the correct length needed to initialize the xdp->{data,data_end}\nparts. For e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") the\nrelevant part was adapting xdp_init_buff() to address the warning given the\nxdp_data_hard_end() depends on xdp->frame_sz. With that fixed, traffic on\nthe wire looks good again.\n\ud83d\udccf Published: 2025-05-03T11:39:51.924Z\n\ud83d\udccf Modified: 2025-05-03T11:39:51.924Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/4c2227656d9003f4d77afc76f34dd81b95e4c2c4", "creation_timestamp": "2025-05-03T12:17:14.000000Z"}, {"uuid": "d98afaaa-4fa1-47c0-88e9-623da6cae1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37799", "type": "seen", "source": "https://t.me/cvedetector/24398", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-37799 - vmxnet3 Linux Kernel Malformed Packet Sizing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-37799 \nPublished : May 3, 2025, 12:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nvmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp  \n  \nvmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that  \nis, packet sizes between 128 - 3k bytes).  \n  \nWe noticed MTU-related connectivity issues with Cilium's service load-  \nbalancing in case of vmxnet3 as NIC underneath. A simple curl to a HTTP  \nbackend service where the XDP LB was doing IPIP encap led to overly large  \npacket sizes but only for *some* of the packets (e.g. HTTP GET request)  \nwhile others (e.g. the prior TCP 3WHS) looked completely fine on the wire.  \n  \nIn fact, the pcap recording on the backend node actually revealed that the  \nnode with the XDP LB was leaking uninitialized kernel data onto the wire  \nfor the affected packets, for example, while the packets should have been  \n152 bytes their actual size was 1482 bytes, so the remainder after 152 bytes  \nwas padded with whatever other data was in that page at the time (e.g. we  \nsaw user/payload data from prior processed packets).  \n  \nWe only noticed this through an MTU issue, e.g. when the XDP LB node and  \nthe backend node both had the same MTU (e.g. 1500) then the curl request  \ngot dropped on the backend node's NIC given the packet was too large even  \nthough the IPIP-encapped packet normally would never even come close to  \nthe MTU limit. Lowering the MTU on the XDP LB (e.g. 1480) allowed to let  \nthe curl request succeed (which also indicates that the kernel ignored the  \npadding, and thus the issue wasn't very user-visible).  \n  \nCommit e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") was too eager  \nto also switch xdp_prepare_buff() from rcd->len to rbi->len. It really needs  \nto stick to rcd->len which is the actual packet length from the descriptor.  \nThe latter we also feed into vmxnet3_process_xdp_small(), by the way, and  \nit indicates the correct length needed to initialize the xdp->{data,data_end}  \nparts. For e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") the  \nrelevant part was adapting xdp_init_buff() to address the warning given the  \nxdp_data_hard_end() depends on xdp->frame_sz. With that fixed, traffic on  \nthe wire looks good again. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-03T16:12:25.000000Z"}]}