{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T19:35:23.286","vulnerabilities":[{"cve":{"id":"CVE-2025-68799","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-01-13T16:16:01.907","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncaif: fix integer underflow in cffrml_receive()\n\nThe cffrml_receive() function extracts a length field from the packet\nheader and, when FCS is disabled, subtracts 2 from this length without\nvalidating that len >= 2.\n\nIf an attacker sends a malicious packet with a length field of 0 or 1\nto an interface with FCS disabled, the subtraction causes an integer\nunderflow.\n\nThis can lead to memory exhaustion and kernel instability, potential\ninformation disclosure if padding contains uninitialized kernel memory.\n\nFix this by validating that len >= 2 before performing the subtraction."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ncaif: corrige desbordamiento negativo de enteros en cffrml_receive()\n\nLa función cffrml_receive() extrae un campo de longitud del encabezado del paquete y, cuando FCS está deshabilitado, resta 2 a esta longitud sin validar que len >= 2.\n\nSi un atacante envía un paquete malicioso con un campo de longitud de 0 o 1 a una interfaz con FCS deshabilitado, la resta causa un desbordamiento negativo de enteros.\n\nEsto puede llevar a agotamiento de memoria e inestabilidad del kernel, potencial revelación de información si el relleno contiene memoria del kernel no inicializada.\n\nSoluciona esto validando que len >= 2 antes de realizar la resta."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/21fdcc00656a60af3c7aae2dea8dd96abd35519c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/4ec29714aa4e0601ea29d2f02b461fc0ac92c2c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/785c7be6361630070790f6235b696da156ac71b3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/8a11ff0948b5ad09b71896b7ccc850625f9878d1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/c54091eec6fed19e94182aa05dd6846600a642f7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/f407f1c9f45bbf5c99fd80b3f3f4a94fdbe35691","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/f818cd472565f8b0c2c409b040e0121c5cf8592c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}