目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2025-39770— Linux kernel 安全漏洞

AI 预测 5.5 利用难度: 中等 EPSS 0.14% · P4

可能的 ATT&CK 技术 1AI

T1498 · Network Denial of Service

影响版本矩阵 24

厂商产品版本范围状态
LinuxLinuxa84978a9cda68f0afe3f01d476c68db21526baf1< a0478d7e888028f85fa7785ea838ce0ca09398e2affected
c69bc67c1cb211aa390bea6e512bb01b1241fefb< 2156d9e9f2e483c8c3906c0ea57ea312c1424235affected
04c20a9356f283da623903e81e7c6d5df7e4dc3c< 041e2f945f82fdbd6fff577b79c33469430297aaaffected
04c20a9356f283da623903e81e7c6d5df7e4dc3c< 794ddbb7b63b6828c75967b9bcd43b086716e7a1affected
04c20a9356f283da623903e81e7c6d5df7e4dc3c< 864e3396976ef41de6cc7bc366276bf4e084fff2affected
bcefc3cd7f592a70fcbbbfd7ad1fbc69172ea78baffected
477b35d94a21530046fe91589960732fcf2b29edaffected
a27a5c40ee4cbe00294e2c76160de5f2589061baaffected
… +16 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2025-39770 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM When performing Generic Segmentation Offload (GSO) on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the egress device only advertises NETIF_F_IPV6_CSUM feature, which has a strict contract: it supports checksum offload only for plain TCP or UDP over IPv6 and explicitly does not support packets with extension headers. The current GSO logic violates this contract by failing to disable the feature for packets with extension headers, such as those used in GREoIPv6 tunnels. This violation results in the device being asked to perform an operation it cannot support, leading to a `skb_warn_bad_offload` warning and a collapse of network throughput. While device TSO/USO is correctly bypassed in favor of software GSO for these packets, the GSO stack must be explicitly told not to request checksum offload. Mask NETIF_F_IPV6_CSUM, NETIF_F_TSO6 and NETIF_F_GSO_UDP_L4 in gso_features_check if the IPv6 header contains extension headers to compute checksum in software. The exception is a BIG TCP extension, which, as stated in commit 68e068cabd2c6c53 ("net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets"): "The feature is only enabled on devices that support BIG TCP TSO. The header is only present for PF_PACKET taps like tcpdump, and not transmitted by physical devices." kernel log output (truncated): WARNING: CPU: 1 PID: 5273 at net/core/dev.c:3535 skb_warn_bad_offload+0x81/0x140 ... Call Trace: <TASK> skb_checksum_help+0x12a/0x1f0 validate_xmit_skb+0x1a3/0x2d0 validate_xmit_skb_list+0x4f/0x80 sch_direct_xmit+0x1a2/0x380 __dev_xmit_skb+0x242/0x670 __dev_queue_xmit+0x3fc/0x7f0 ip6_finish_output2+0x25e/0x5d0 ip6_finish_output+0x1fc/0x3f0 ip6_tnl_xmit+0x608/0xc00 [ip6_tunnel] ip6gre_tunnel_xmit+0x1c0/0x390 [ip6_gre] dev_hard_start_xmit+0x63/0x1c0 __dev_queue_xmit+0x6d0/0x7f0 ip6_finish_output2+0x214/0x5d0 ip6_finish_output+0x1fc/0x3f0 ip6_xmit+0x2ca/0x6f0 ip6_finish_output+0x1fc/0x3f0 ip6_xmit+0x2ca/0x6f0 inet6_csk_xmit+0xeb/0x150 __tcp_transmit_skb+0x555/0xa80 tcp_write_xmit+0x32a/0xe90 tcp_sendmsg_locked+0x437/0x1110 tcp_sendmsg+0x2f/0x50 ... skb linear: 00000000: e4 3d 1a 7d ec 30 e4 3d 1a 7e 5d 90 86 dd 60 0e skb linear: 00000010: 00 0a 1b 34 3c 40 20 11 00 00 00 00 00 00 00 00 skb linear: 00000020: 00 00 00 00 00 12 20 11 00 00 00 00 00 00 00 00 skb linear: 00000030: 00 00 00 00 00 11 2f 00 04 01 04 01 01 00 00 00 skb linear: 00000040: 86 dd 60 0e 00 0a 1b 00 06 40 20 23 00 00 00 00 skb linear: 00000050: 00 00 00 00 00 00 00 00 00 12 20 23 00 00 00 00 skb linear: 00000060: 00 00 00 00 00 00 00 00 00 11 bf 96 14 51 13 f9 skb linear: 00000070: ae 27 a0 a8 2b e3 80 18 00 40 5b 6f 00 00 01 01 skb linear: 00000080: 08 0a 42 d4 50 d5 4b 70 f8 1a
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于GSO栈未正确禁用IPv6校验和卸载功能,可能导致设备不支持的操作和网络吞吐量下降。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux a84978a9cda68f0afe3f01d476c68db21526baf1 ~ a0478d7e888028f85fa7785ea838ce0ca09398e2 -
LinuxLinux 6.12 -

二、漏洞 CVE-2025-39770 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-39770 的情报信息

登录查看更多情报信息。

同批安全公告 · Linux · 2025-09-11 · 共 54 条

CVE-2025-39774Linux kernel 安全漏洞
CVE-2025-39791Linux kernel 安全漏洞
CVE-2025-39785Linux kernel 安全漏洞
CVE-2025-39788Linux kernel 安全漏洞
CVE-2025-39787Linux kernel 安全漏洞
CVE-2025-39786Linux kernel 安全漏洞
CVE-2025-39789Linux kernel 安全漏洞
CVE-2025-39777Linux kernel 安全漏洞
CVE-2025-39776Linux kernel 安全漏洞
CVE-2025-39775Linux kernel 安全漏洞
CVE-2025-39779Linux kernel 安全漏洞
CVE-2025-39773Linux kernel 安全漏洞
CVE-2025-39772Linux kernel 安全漏洞
CVE-2025-39771Linux kernel 安全漏洞
CVE-2025-39769Linux kernel 安全漏洞
CVE-2025-39768Linux kernel 安全漏洞
CVE-2025-39766Linux kernel 安全漏洞
CVE-2025-39767Linux kernel 安全漏洞
CVE-2025-39765Linux kernel 安全漏洞
CVE-2025-39764Linux kernel 安全漏洞

显示前 20 条,共 54 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2025-39770

暂无评论


发表评论