CVE-2025-37756
📋 TL;DR
A vulnerability in the Linux kernel's TLS implementation allows an attacker to trigger a kernel warning, and potentially a crash, by disconnecting a TLS socket while offload is enabled. It affects Linux systems that use TLS offload. The issue was found by the syzbot fuzzer and can lead to denial of service.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic or system crash leading to complete denial of service on affected systems.
Likely Case
Kernel warning messages in system logs and potential service disruption for TLS connections.
If Mitigated
Minor performance impact from kernel warnings with no service disruption if proper controls prevent socket disconnection.
🎯 Exploit Status
Discovered by the syzbot fuzzer; triggering it requires specific timing and a TLS offload configuration.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits: 2bcad8fefcecdd5f005d8c550b25d703c063c34a, 5071a1e606b30c0c11278d3c6620cd6a24724cf6, 7bdcf5bc35ae59fc4a0fa23276e84b4d1534a3cf, 8513411ec321942bd3cfed53d5bb700665c67d86, 9fcbca0f801580cbb583e9cb274e2c7fbe766ca6)
Vendor Advisory: https://git.kernel.org/stable/c/2bcad8fefcecdd5f005d8c550b25d703c063c34a
Restart Required: Yes
Instructions:
1. Update the Linux kernel to the patched version from your distribution's repositories.
2. Reboot the system to load the new kernel.
3. Verify that the running kernel version matches the patched release.
🔧 Temporary Workarounds
Disable TLS offload (Linux)
Disable TLS hardware offload on the affected interfaces so the vulnerable path cannot be triggered:
ethtool -K <interface> tls-hw-tx-offload off
ethtool -K <interface> tls-hw-rx-offload off
Network filtering (all platforms)
Implement network controls to prevent unauthorized access to TLS services.
🧯 If You Can't Patch
- Implement strict network segmentation to limit access to TLS services
- Monitor system logs for kernel warning messages related to TLS strp
🔍 How to Verify
Check if Vulnerable:
Check the running kernel version, and whether TLS offload is enabled on any network interface.
Check Version:
uname -r
Verify Fix Applied:
Confirm that the running kernel version is a patched release and that TLS socket disconnects are handled without kernel warnings.
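The workaround and the verification step above both come down to one question: is TLS hardware offload still enabled on any interface? The following script is an added example, not part of the advisory, that answers it from the feature list `ethtool -k <interface>` prints. It assumes the two feature names the workaround toggles (tls-hw-tx-offload, tls-hw-rx-offload) and ethtool's "<name>: on|off [fixed]" line format; the sample output embedded in it is constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example (not from the advisory): report whether TLS hardware offload
# is enabled on an interface, based on the feature list printed by `ethtool -k`.
# Assumption: the feature names are the two the advisory's workaround toggles
# (tls-hw-tx-offload, tls-hw-rx-offload), printed as "<name>: on|off [fixed]".

# Read `ethtool -k` output on stdin; print each TLS offload feature that is
# "on". Exit status 0 = at least one TLS offload feature enabled (the
# vulnerable configuration is still present), 1 = none enabled.
tls_offload_enabled() {
    awk '
        /^tls-hw-(tx|rx)-offload:/ {
            name = $1; sub(/:$/, "", name)   # strip the trailing colon
            if ($2 == "on") { print name; found = 1 }
        }
        END { if (found) exit 0; exit 1 }
    '
}

# Live check of a real interface (needs ethtool; some drivers need root).
# Usage: check_interface eth0
check_interface() {
    iface=$1
    if ! command -v ethtool >/dev/null 2>&1; then
        echo "ethtool not installed" >&2
        return 2
    fi
    if ethtool -k "$iface" | tls_offload_enabled; then
        echo "$iface: TLS hardware offload ENABLED - apply the workaround or patch"
        return 0
    fi
    echo "$iface: TLS hardware offload disabled"
    return 1
}

# Constructed sample of `ethtool -k` output (not captured from a real system):
# TX offload is on, RX offload is fixed off.
SAMPLE_ETHTOOL_OUTPUT='Features for eth0:
rx-checksumming: on
tx-checksumming: on
tls-hw-tx-offload: on
tls-hw-rx-offload: off [fixed]
tls-hw-record: off [fixed]'

# Demonstration on the constructed sample.
if printf '%s\n' "$SAMPLE_ETHTOOL_OUTPUT" | tls_offload_enabled; then
    echo "sample: TLS hardware offload is enabled"
else
    echo "sample: TLS hardware offload is not enabled"
fi
```

Run `check_interface <interface>` for each interface that terminates TLS; a zero exit status means the offload workaround has not been applied there. Features shown as "[fixed]" cannot be changed with `ethtool -K`, so an interface whose offload flags are fixed "on" can only be addressed by patching.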
📡 Detection & Monitoring
Log Indicators:
- Kernel warning splats ('WARNING: CPU: ...') that reference 'tls_strp' or 'tls_strp_msg_load'
Network Indicators:
- Unexpected TLS connection disconnections followed by service disruption
SIEM Query:
source="kernel" AND "WARNING" AND "tls_strp"
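The log indicator and SIEM query above can also be checked directly on a host. The script below is an added example, not part of the advisory, that extracts the TLS stream-parser (tls_strp) warning lines from kernel log text. It assumes that the kernel prints the "WARNING: CPU:" prefix and the "at <file>:<line> <symbol>" part of a WARN splat on the same line, so both indicators can be matched together; the sample log it embeds is constructed, with placeholder line numbers and offsets.

```shell
#!/bin/sh
# Added example (not from the advisory): pull the kernel-log indicator the
# advisory names (a WARNING from the TLS stream parser, tls_strp) out of
# dmesg/journal text. Assumption: the warning line carries both the
# "WARNING: CPU:" prefix and the tls_strp symbol on the same line.

# Print the matching warning lines from the log text on stdin.
tls_strp_warnings() {
    awk '/WARNING: CPU:/ && /tls_strp/'
}

# Print the number of matching lines (always exits 0, so it is safe under set -e).
count_tls_strp_warnings() {
    awk '/WARNING: CPU:/ && /tls_strp/ { n++ } END { print n + 0 }'
}

# Live check: scan the current boot's kernel messages via journalctl when
# available, otherwise dmesg. Exits 0 when an indicator is found (so a cron
# job or monitoring probe can alert on it), 1 otherwise.
scan_kernel_log() {
    if command -v journalctl >/dev/null 2>&1; then
        n=$(journalctl -k -b --no-pager 2>/dev/null | count_tls_strp_warnings)
    else
        n=$(dmesg 2>/dev/null | count_tls_strp_warnings)
    fi
    echo "tls_strp warnings this boot: $n"
    [ "$n" -gt 0 ]
}

# Constructed sample kernel log (not a real capture; the source line number
# and symbol offsets are placeholders). Only the third line should match: the
# first mentions the NIC without a warning, and the backtrace lines after the
# WARNING line do not repeat the "WARNING: CPU:" prefix.
SAMPLE_KERNEL_LOG='[ 1203.441002] eth0: Link is Up - 10Gbps/Full
[ 1210.118873] ------------[ cut here ]------------
[ 1210.118891] WARNING: CPU: 0 PID: 4242 at net/tls/tls_strp.c:NNN tls_strp_msg_load+0x0/0x0
[ 1210.118910] Modules linked in: tls
[ 1210.118925] Call Trace:
[ 1210.118940]  tls_sw_recvmsg+0x0/0x0
[ 1210.118960] ---[ end trace 0000000000000000 ]---'

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_KERNEL_LOG" | tls_strp_warnings
echo "matches in sample: $(printf '%s\n' "$SAMPLE_KERNEL_LOG" | count_tls_strp_warnings)"
```

Matching on the WARNING line only (rather than every line that mentions TLS) keeps the count to one per splat, which is what an alert threshold should be based on; the "Modules linked in" and "Call Trace" lines belong to the same event and are deliberately not counted.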
🔗 References
- https://git.kernel.org/stable/c/2bcad8fefcecdd5f005d8c550b25d703c063c34a
- https://git.kernel.org/stable/c/5071a1e606b30c0c11278d3c6620cd6a24724cf6
- https://git.kernel.org/stable/c/7bdcf5bc35ae59fc4a0fa23276e84b4d1534a3cf
- https://git.kernel.org/stable/c/8513411ec321942bd3cfed53d5bb700665c67d86
- https://git.kernel.org/stable/c/9fcbca0f801580cbb583e9cb274e2c7fbe766ca6
- https://git.kernel.org/stable/c/ac91c6125468be720eafde9c973994cb45b61d44
- https://git.kernel.org/stable/c/c665bef891e8972e1d3ce5bbc0d42a373346a2c3
- https://git.kernel.org/stable/c/f3ce4d3f874ab7919edca364c147ac735f9f1d04
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html