Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2025-39682
CVE-2025-39682:
Linux Kernel vulnerability analysis and mitigation
Overview
CVE-2025-39682 is a vulnerability discovered in the Linux kernel related to the handling of zero-length records on the rx_list in the TLS implementation. The vulnerability was disclosed on September 5, 2025, and affects the TLS subsystem in the Linux kernel (NVD).
Technical details
The vulnerability involves the processing of TLS records during recvmsg() calls. Each recvmsg() call must process either only contiguous DATA records or one non-DATA record. When a record has been decrypted (particularly in TLS 1.3 where the type isn't known until after decryption), it gets queued to the rx_list. The issue specifically occurs with zero-length records from rx_list, where the handling of record types and zero-copy operations could lead to potential security issues (NVD).
Impact
While the full impact hasn't been explicitly rated, the vulnerability affects the TLS implementation in the Linux kernel, which is a critical component for secure communications. The issue could potentially affect the processing and handling of TLS records, which might impact the security of encrypted communications (NVD).
Additional resources
Source: This report was generated using AI
Related Linux Kernel vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management