Vulnerability-Lookup

CERTFR-2025-AVI-0670

Vulnerability from certfr_avis - Published: 2025-08-08 - Updated: 2025-08-08

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 ESM
Ubuntu	Ubuntu	Ubuntu 24.04 LTS
Ubuntu	Ubuntu	Ubuntu 25.04
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

CVE-2025-37830 (GCVE-0-2025-37830)

Vulnerability from cvelistv5 – Published: 2025-05-08 06:26 – Updated: 2026-05-11 21:15

Title

cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()

Summary

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scmi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. Add NULL check after cpufreq_cpu_get_raw() to prevent this issue.

Severity

No CVSS data available.

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/bd1dcfba72aac4159…
https://git.kernel.org/stable/c/4e3d1c1925d8e7529…
https://git.kernel.org/stable/c/f9c5423855e368726…
https://git.kernel.org/stable/c/ea834c90aa7cc80a1…
https://git.kernel.org/stable/c/7ccfadfb2562337b4…
https://git.kernel.org/stable/c/cfaca93b8fe317b7f…
https://git.kernel.org/stable/c/484d3f15cc6cbaa52…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 , < bd1dcfba72aac4159c1d5e17cd861e702e6c19ac (git) Affected: 99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 , < 4e3d1c1925d8e752992cd893d03d974e6807ac16 (git) Affected: 99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 , < f9c5423855e3687262d881aeee5cfb3bc8577bff (git) Affected: 99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 , < ea834c90aa7cc80a1b456f7a91432734d5087d16 (git) Affected: 99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 , < 7ccfadfb2562337b4f0462a86a9746a6eea89718 (git) Affected: 99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 , < cfaca93b8fe317b7faa9af732e0ba8c9081fa018 (git) Affected: 99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 , < 484d3f15cc6cbaa52541d6259778e715b2c83c54 (git)
Linux	Linux	Affected: 4.17 Unaffected: 0 , < 4.17 (semver) Unaffected: 5.10.248 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.136 , ≤ 6.1.* (semver) Unaffected: 6.6.89 , ≤ 6.6.* (semver) Unaffected: 6.12.26 , ≤ 6.12.* (semver) Unaffected: 6.14.5 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:03.977Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/cpufreq/scmi-cpufreq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bd1dcfba72aac4159c1d5e17cd861e702e6c19ac",
              "status": "affected",
              "version": "99d6bdf3387734d75e3e34e94a58b8a355b7a9c8",
              "versionType": "git"
            },
            {
              "lessThan": "4e3d1c1925d8e752992cd893d03d974e6807ac16",
              "status": "affected",
              "version": "99d6bdf3387734d75e3e34e94a58b8a355b7a9c8",
              "versionType": "git"
            },
            {
              "lessThan": "f9c5423855e3687262d881aeee5cfb3bc8577bff",
              "status": "affected",
              "version": "99d6bdf3387734d75e3e34e94a58b8a355b7a9c8",
              "versionType": "git"
            },
            {
              "lessThan": "ea834c90aa7cc80a1b456f7a91432734d5087d16",
              "status": "affected",
              "version": "99d6bdf3387734d75e3e34e94a58b8a355b7a9c8",
              "versionType": "git"
            },
            {
              "lessThan": "7ccfadfb2562337b4f0462a86a9746a6eea89718",
              "status": "affected",
              "version": "99d6bdf3387734d75e3e34e94a58b8a355b7a9c8",
              "versionType": "git"
            },
            {
              "lessThan": "cfaca93b8fe317b7faa9af732e0ba8c9081fa018",
              "status": "affected",
              "version": "99d6bdf3387734d75e3e34e94a58b8a355b7a9c8",
              "versionType": "git"
            },
            {
              "lessThan": "484d3f15cc6cbaa52541d6259778e715b2c83c54",
              "status": "affected",
              "version": "99d6bdf3387734d75e3e34e94a58b8a355b7a9c8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/cpufreq/scmi-cpufreq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.17"
            },
            {
              "lessThan": "4.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.248",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.136",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.89",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.26",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.248",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.136",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.89",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.26",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.5",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:15:58.151Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bd1dcfba72aac4159c1d5e17cd861e702e6c19ac"
        },
        {
          "url": "https://git.kernel.org/stable/c/4e3d1c1925d8e752992cd893d03d974e6807ac16"
        },
        {
          "url": "https://git.kernel.org/stable/c/f9c5423855e3687262d881aeee5cfb3bc8577bff"
        },
        {
          "url": "https://git.kernel.org/stable/c/ea834c90aa7cc80a1b456f7a91432734d5087d16"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ccfadfb2562337b4f0462a86a9746a6eea89718"
        },
        {
          "url": "https://git.kernel.org/stable/c/cfaca93b8fe317b7faa9af732e0ba8c9081fa018"
        },
        {
          "url": "https://git.kernel.org/stable/c/484d3f15cc6cbaa52541d6259778e715b2c83c54"
        }
      ],
      "title": "cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37830",
    "datePublished": "2025-05-08T06:26:21.736Z",
    "dateReserved": "2025-04-16T04:51:23.951Z",
    "dateUpdated": "2026-05-11T21:15:58.151Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37836 (GCVE-0-2025-37836)

Vulnerability from cvelistv5 – Published: 2025-05-09 06:41 – Updated: 2026-05-11 21:16

Title

PCI: Fix reference leak in pci_register_host_bridge()

Summary

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pci_register_host_bridge() If device_register() fails, call put_device() to give up the reference to avoid a memory leak, per the comment at device_register(). Found by code review. [bhelgaas: squash Dan Carpenter's double free fix from https://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]

Severity

No CVSS data available.

Assigner

Linux

References

10 references

URL	Tags
https://git.kernel.org/stable/c/f4db1b2c9ae3d0137…
https://git.kernel.org/stable/c/3297497ad2246eb92…
https://git.kernel.org/stable/c/b783478e0c53ffb4f…
https://git.kernel.org/stable/c/bd2a352a0d72575f1…
https://git.kernel.org/stable/c/9707d0c932f41006a…
https://git.kernel.org/stable/c/bbba4c50a2d2a1d3f…
https://git.kernel.org/stable/c/f9208aec86226524e…
https://git.kernel.org/stable/c/804443c1f27883926…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 , < f4db1b2c9ae3d013733c302ee70cac943b7070c0 (git) Affected: 37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 , < 3297497ad2246eb9243849bfbbc57a0dea97d76e (git) Affected: 37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 , < b783478e0c53ffb4f04f25fb4e21ef7f482b05df (git) Affected: 37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 , < bd2a352a0d72575f1842d28c14c10089f0cfe1ae (git) Affected: 37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 , < 9707d0c932f41006a2701afc926b232b50e356b4 (git) Affected: 37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 , < bbba4c50a2d2a1d3f3bf31cc4b8280cb492bf2c7 (git) Affected: 37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 , < f9208aec86226524ec1cb68a09ac70e974ea6536 (git) Affected: 37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 , < 804443c1f27883926de94c849d91f5b7d7d696e9 (git)
Linux	Linux	Affected: 4.10 Unaffected: 0 , < 4.10 (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.136 , ≤ 6.1.* (semver) Unaffected: 6.6.89 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:06.788Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/probe.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f4db1b2c9ae3d013733c302ee70cac943b7070c0",
              "status": "affected",
              "version": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
              "versionType": "git"
            },
            {
              "lessThan": "3297497ad2246eb9243849bfbbc57a0dea97d76e",
              "status": "affected",
              "version": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
              "versionType": "git"
            },
            {
              "lessThan": "b783478e0c53ffb4f04f25fb4e21ef7f482b05df",
              "status": "affected",
              "version": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
              "versionType": "git"
            },
            {
              "lessThan": "bd2a352a0d72575f1842d28c14c10089f0cfe1ae",
              "status": "affected",
              "version": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
              "versionType": "git"
            },
            {
              "lessThan": "9707d0c932f41006a2701afc926b232b50e356b4",
              "status": "affected",
              "version": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
              "versionType": "git"
            },
            {
              "lessThan": "bbba4c50a2d2a1d3f3bf31cc4b8280cb492bf2c7",
              "status": "affected",
              "version": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
              "versionType": "git"
            },
            {
              "lessThan": "f9208aec86226524ec1cb68a09ac70e974ea6536",
              "status": "affected",
              "version": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
              "versionType": "git"
            },
            {
              "lessThan": "804443c1f27883926de94c849d91f5b7d7d696e9",
              "status": "affected",
              "version": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/probe.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "lessThan": "4.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.136",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.89",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.136",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.89",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:16:02.804Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f4db1b2c9ae3d013733c302ee70cac943b7070c0"
        },
        {
          "url": "https://git.kernel.org/stable/c/3297497ad2246eb9243849bfbbc57a0dea97d76e"
        },
        {
          "url": "https://git.kernel.org/stable/c/b783478e0c53ffb4f04f25fb4e21ef7f482b05df"
        },
        {
          "url": "https://git.kernel.org/stable/c/bd2a352a0d72575f1842d28c14c10089f0cfe1ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/9707d0c932f41006a2701afc926b232b50e356b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/bbba4c50a2d2a1d3f3bf31cc4b8280cb492bf2c7"
        },
        {
          "url": "https://git.kernel.org/stable/c/f9208aec86226524ec1cb68a09ac70e974ea6536"
        },
        {
          "url": "https://git.kernel.org/stable/c/804443c1f27883926de94c849d91f5b7d7d696e9"
        }
      ],
      "title": "PCI: Fix reference leak in pci_register_host_bridge()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37836",
    "datePublished": "2025-05-09T06:41:47.341Z",
    "dateReserved": "2025-04-16T04:51:23.952Z",
    "dateUpdated": "2026-05-11T21:16:02.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37838 (GCVE-0-2025-37838)

Vulnerability from cvelistv5 – Published: 2025-04-18 14:20 – Updated: 2026-05-11 21:16

Title

HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition

Summary

In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition In the ssi_protocol_probe() function, &ssi->work is bound with ssip_xmit_work(), In ssip_pn_setup(), the ssip_pn_xmit() function within the ssip_pn_ops structure is capable of starting the work. If we remove the module which will call ssi_protocol_remove() to make a cleanup, it will free ssi through kfree(ssi), while the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | ssip_xmit_work ssi_protocol_remove | kfree(ssi); | | struct hsi_client *cl = ssi->cl; | // use ssi Fix it by ensuring that the work is canceled before proceeding with the cleanup in ssi_protocol_remove().

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-416 - Use After Free

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/d03abc1c2b2132455…
https://git.kernel.org/stable/c/4a8c29beb8a02b5a0…
https://git.kernel.org/stable/c/72972552d0d0bfeb2…
https://git.kernel.org/stable/c/d58493832e284f066…
https://git.kernel.org/stable/c/58eb29dba712ab0f1…
https://git.kernel.org/stable/c/ae5a6a0b425e8f76a…
https://git.kernel.org/stable/c/834e602d0cc7c743b…
https://git.kernel.org/stable/c/4b4194c9a7a8f92db…
https://git.kernel.org/stable/c/e3f88665a78045fe3…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < d03abc1c2b21324550fa71e12d53e7d3498e0af6 (git) Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < 4a8c29beb8a02b5a0a9d77d608aa14b6f88a6b86 (git) Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < 72972552d0d0bfeb2dec5daf343a19018db36ffa (git) Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < d58493832e284f066e559b8da5ab20c15a2801d3 (git) Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < 58eb29dba712ab0f13af59ca2fe545f5ce360e78 (git) Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < ae5a6a0b425e8f76a9f0677e50796e494e89b088 (git) Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < 834e602d0cc7c743bfce734fad4a46cefc0f9ab1 (git) Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < 4b4194c9a7a8f92db39e8e86c85f4fb12ebbec4f (git) Affected: df26d639e2f4628732a8da5a0f71e4e652ce809b , < e3f88665a78045fe35c7669d2926b8d97b892c11 (git)
Linux	Linux	Affected: 4.8 Unaffected: 0 , < 4.8 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-37838",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T14:38:43.871416Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T14:41:43.037Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:09.541Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hsi/clients/ssi_protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d03abc1c2b21324550fa71e12d53e7d3498e0af6",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            },
            {
              "lessThan": "4a8c29beb8a02b5a0a9d77d608aa14b6f88a6b86",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            },
            {
              "lessThan": "72972552d0d0bfeb2dec5daf343a19018db36ffa",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            },
            {
              "lessThan": "d58493832e284f066e559b8da5ab20c15a2801d3",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            },
            {
              "lessThan": "58eb29dba712ab0f13af59ca2fe545f5ce360e78",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            },
            {
              "lessThan": "ae5a6a0b425e8f76a9f0677e50796e494e89b088",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            },
            {
              "lessThan": "834e602d0cc7c743bfce734fad4a46cefc0f9ab1",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            },
            {
              "lessThan": "4b4194c9a7a8f92db39e8e86c85f4fb12ebbec4f",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            },
            {
              "lessThan": "e3f88665a78045fe35c7669d2926b8d97b892c11",
              "status": "affected",
              "version": "df26d639e2f4628732a8da5a0f71e4e652ce809b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hsi/clients/ssi_protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.8"
            },
            {
              "lessThan": "4.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.293",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.135",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.88",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition\n\nIn the ssi_protocol_probe() function, \u0026ssi-\u003ework is bound with\nssip_xmit_work(), In ssip_pn_setup(), the ssip_pn_xmit() function\nwithin the ssip_pn_ops structure is capable of starting the\nwork.\n\nIf we remove the module which will call ssi_protocol_remove()\nto make a cleanup, it will free ssi through kfree(ssi),\nwhile the work mentioned above will be used. The sequence\nof operations that may lead to a UAF bug is as follows:\n\nCPU0                                    CPU1\n\n                        | ssip_xmit_work\nssi_protocol_remove     |\nkfree(ssi);             |\n                        | struct hsi_client *cl = ssi-\u003ecl;\n                        | // use ssi\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in ssi_protocol_remove()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:16:05.252Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d03abc1c2b21324550fa71e12d53e7d3498e0af6"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a8c29beb8a02b5a0a9d77d608aa14b6f88a6b86"
        },
        {
          "url": "https://git.kernel.org/stable/c/72972552d0d0bfeb2dec5daf343a19018db36ffa"
        },
        {
          "url": "https://git.kernel.org/stable/c/d58493832e284f066e559b8da5ab20c15a2801d3"
        },
        {
          "url": "https://git.kernel.org/stable/c/58eb29dba712ab0f13af59ca2fe545f5ce360e78"
        },
        {
          "url": "https://git.kernel.org/stable/c/ae5a6a0b425e8f76a9f0677e50796e494e89b088"
        },
        {
          "url": "https://git.kernel.org/stable/c/834e602d0cc7c743bfce734fad4a46cefc0f9ab1"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b4194c9a7a8f92db39e8e86c85f4fb12ebbec4f"
        },
        {
          "url": "https://git.kernel.org/stable/c/e3f88665a78045fe35c7669d2926b8d97b892c11"
        }
      ],
      "title": "HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37838",
    "datePublished": "2025-04-18T14:20:55.389Z",
    "dateReserved": "2025-04-16T04:51:23.952Z",
    "dateUpdated": "2026-05-11T21:16:05.252Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37839 (GCVE-0-2025-37839)

Vulnerability from cvelistv5 – Published: 2025-05-09 06:41 – Updated: 2026-05-23 15:58

Title

jbd2: remove wrong sb->s_sequence check

Summary

In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by sb->s_sequence == 0 but rather by sb->s_start == 0 (which is set a few lines above). Furthermore 0 is a valid transaction ID so the check can spuriously trigger. Remove the invalid WARN_ON.

Severity

No CVSS data available.

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/cf30432f5b3064ff8…
https://git.kernel.org/stable/c/b479839525fe79069…
https://git.kernel.org/stable/c/ad926f735b4d4f107…
https://git.kernel.org/stable/c/3b4643ffaf72d7a5a…
https://git.kernel.org/stable/c/c88f7328bb0fff665…
https://git.kernel.org/stable/c/9eaec071f111cd212…
https://git.kernel.org/stable/c/c98eb9ffb1d9c9823…
https://git.kernel.org/stable/c/b0cca357f85beb614…
https://git.kernel.org/stable/c/e6eff39dd0fe4190c…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < cf30432f5b3064ff85d85639c2f0106f89c566f6 (git) Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < b479839525fe7906966cdc4b5b2afbca048558a1 (git) Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < ad926f735b4d4f10768fec7d080cadeb6d075cac (git) Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < 3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77 (git) Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < c88f7328bb0fff66520fc9164f02b1d06e083c1b (git) Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < 9eaec071f111cd2124ce9a5b93536d3f6837d457 (git) Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < c98eb9ffb1d9c98237b5e1668eee17654e129fb0 (git) Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < b0cca357f85beb6144ab60c62dcc98508cc044bf (git) Affected: 24bcc89c7e7c64982e6192b4952a0a92379fc341 , < e6eff39dd0fe4190c6146069cc16d160e71d1148 (git) Affected: dd8ff32c1e7ed10fb0e168b4431983e09acbeb2f (git) Affected: 3.2.71 , < 3.3 (semver)
Linux	Linux	Affected: 3.4 Unaffected: 0 , < 3.4 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:12.328Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/jbd2/journal.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cf30432f5b3064ff85d85639c2f0106f89c566f6",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "lessThan": "b479839525fe7906966cdc4b5b2afbca048558a1",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "lessThan": "ad926f735b4d4f10768fec7d080cadeb6d075cac",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "lessThan": "3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "lessThan": "c88f7328bb0fff66520fc9164f02b1d06e083c1b",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "lessThan": "9eaec071f111cd2124ce9a5b93536d3f6837d457",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "lessThan": "c98eb9ffb1d9c98237b5e1668eee17654e129fb0",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "lessThan": "b0cca357f85beb6144ab60c62dcc98508cc044bf",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "lessThan": "e6eff39dd0fe4190c6146069cc16d160e71d1148",
              "status": "affected",
              "version": "24bcc89c7e7c64982e6192b4952a0a92379fc341",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "dd8ff32c1e7ed10fb0e168b4431983e09acbeb2f",
              "versionType": "git"
            },
            {
              "lessThan": "3.3",
              "status": "affected",
              "version": "3.2.71",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/jbd2/journal.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.4"
            },
            {
              "lessThan": "3.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.293",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.135",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.88",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "3.2.71",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T15:58:22.167Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6"
        },
        {
          "url": "https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac"
        },
        {
          "url": "https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77"
        },
        {
          "url": "https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b"
        },
        {
          "url": "https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457"
        },
        {
          "url": "https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148"
        }
      ],
      "title": "jbd2: remove wrong sb-\u003es_sequence check",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37839",
    "datePublished": "2025-05-09T06:41:49.105Z",
    "dateReserved": "2025-04-16T04:51:23.952Z",
    "dateUpdated": "2026-05-23T15:58:22.167Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37840 (GCVE-0-2025-37840)

Vulnerability from cvelistv5 – Published: 2025-05-09 06:41 – Updated: 2026-05-11 21:16

Title

mtd: rawnand: brcmnand: fix PM resume warning

Summary

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: fix PM resume warning Fixed warning on PM resume as shown below caused due to uninitialized struct nand_operation that checks chip select field : WARN_ON(op->cs >= nanddev_ntargets(&chip->base) [ 14.588522] ------------[ cut here ]------------ [ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8 [ 14.588553] Modules linked in: bdc udc_core [ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16 [ 14.588590] Tainted: [W]=WARN [ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree) [ 14.588598] Call trace: [ 14.588604] dump_backtrace from show_stack+0x18/0x1c [ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c [ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c [ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c [ 14.588653] r5:c08d40b0 r4:c1003cb0 [ 14.588656] dump_stack from __warn+0x84/0xe4 [ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194 [ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000 [ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8 [ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048 [ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150 [ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040 [ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54 [ 14.588735] r5:00000010 r4:c0840a50 [ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c [ 14.588757] dpm_run_callback from device_resume+0xc0/0x324 [ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010 [ 14.588779] device_resume from dpm_resume+0x130/0x160 [ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0 [ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20 [ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414 [ 14.588826] r4:00000010 [ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8 [ 14.588848] r5:c228a414 r4:00000000 [ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc [ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000 [ 14.588871] r4:00000003 [ 14.588874] pm_suspend from state_store+0x74/0xd0 [ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003 [ 14.588892] state_store from kobj_attr_store+0x1c/0x28 [ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250 [ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c [ 14.588936] r5:c3502900 r4:c0d92a48 [ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0 [ 14.588956] r5:c3502900 r4:c3501f40 [ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420 [ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00 [ 14.588983] r4:c042a88c [ 14.588987] vfs_write from ksys_write+0x74/0xe4 [ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00 [ 14.589008] r4:c34f7f00 [ 14.589011] ksys_write from sys_write+0x10/0x14 [ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004 [ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c [ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0) [ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001 [ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78 [ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8 [ 14.589065] ---[ end trace 0000000000000000 ]--- The fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when doing PM resume operation in compliance with the controller support for single die nand chip. Switching from nand_reset_op() to nan ---truncated---

Severity

No CVSS data available.

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/6f567c6a5250e3531…
https://git.kernel.org/stable/c/8775581e1c48e1bdd…
https://git.kernel.org/stable/c/fbcb584efa5cd912f…
https://git.kernel.org/stable/c/9dd161f707ecb7db3…
https://git.kernel.org/stable/c/9bd51723ab51580e0…
https://git.kernel.org/stable/c/7266066b9469f04ed…
https://git.kernel.org/stable/c/c2eb3cffb0d972c55…
https://git.kernel.org/stable/c/659b1f29f3e2fd5d7…
https://git.kernel.org/stable/c/ddc210cf8b8a8be68…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < 6f567c6a5250e3531cfd9c7ff254ecc2650464fa (git) Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < 8775581e1c48e1bdd04a893d6f6bbe5128ad0ea7 (git) Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < fbcb584efa5cd912ff8a151d67b8fe22f4162a85 (git) Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < 9dd161f707ecb7db38e5f529e979a5b6eb565b2d (git) Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < 9bd51723ab51580e077c91d494c37e80703b8524 (git) Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < 7266066b9469f04ed1d4c0fdddaea1425835eb55 (git) Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < c2eb3cffb0d972c5503e4d48921971c81def0fe5 (git) Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < 659b1f29f3e2fd5d751fdf35c5526d1f1c9b3dd2 (git) Affected: 97d90da8a886949f09bb4754843fb0b504956ad2 , < ddc210cf8b8a8be68051ad958bf3e2cef6b681c2 (git)
Linux	Linux	Affected: 4.16 Unaffected: 0 , < 4.16 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:15.093Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/mtd/nand/raw/brcmnand/brcmnand.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6f567c6a5250e3531cfd9c7ff254ecc2650464fa",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            },
            {
              "lessThan": "8775581e1c48e1bdd04a893d6f6bbe5128ad0ea7",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            },
            {
              "lessThan": "fbcb584efa5cd912ff8a151d67b8fe22f4162a85",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            },
            {
              "lessThan": "9dd161f707ecb7db38e5f529e979a5b6eb565b2d",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            },
            {
              "lessThan": "9bd51723ab51580e077c91d494c37e80703b8524",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            },
            {
              "lessThan": "7266066b9469f04ed1d4c0fdddaea1425835eb55",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            },
            {
              "lessThan": "c2eb3cffb0d972c5503e4d48921971c81def0fe5",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            },
            {
              "lessThan": "659b1f29f3e2fd5d751fdf35c5526d1f1c9b3dd2",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            },
            {
              "lessThan": "ddc210cf8b8a8be68051ad958bf3e2cef6b681c2",
              "status": "affected",
              "version": "97d90da8a886949f09bb4754843fb0b504956ad2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/mtd/nand/raw/brcmnand/brcmnand.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.16"
            },
            {
              "lessThan": "4.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.293",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.135",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.88",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[   14.588522] ------------[ cut here ]------------\n[   14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[   14.588553] Modules linked in: bdc udc_core\n[   14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G        W          6.14.0-rc4-g5394eea10651 #16\n[   14.588590] Tainted: [W]=WARN\n[   14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[   14.588598] Call trace:\n[   14.588604]  dump_backtrace from show_stack+0x18/0x1c\n[   14.588622]  r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[   14.588625]  show_stack from dump_stack_lvl+0x70/0x7c\n[   14.588639]  dump_stack_lvl from dump_stack+0x18/0x1c\n[   14.588653]  r5:c08d40b0 r4:c1003cb0\n[   14.588656]  dump_stack from __warn+0x84/0xe4\n[   14.588668]  __warn from warn_slowpath_fmt+0x18c/0x194\n[   14.588678]  r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[   14.588681]  warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[   14.588695]  r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[   14.588697]  nand_reset_op from brcmnand_resume+0x13c/0x150\n[   14.588714]  r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[   14.588717]  brcmnand_resume from platform_pm_resume+0x34/0x54\n[   14.588735]  r5:00000010 r4:c0840a50\n[   14.588738]  platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[   14.588757]  dpm_run_callback from device_resume+0xc0/0x324\n[   14.588776]  r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[   14.588779]  device_resume from dpm_resume+0x130/0x160\n[   14.588799]  r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[   14.588802]  dpm_resume from dpm_resume_end+0x14/0x20\n[   14.588822]  r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[   14.588826]  r4:00000010\n[   14.588828]  dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[   14.588848]  r5:c228a414 r4:00000000\n[   14.588851]  suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[   14.588868]  r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[   14.588871]  r4:00000003\n[   14.588874]  pm_suspend from state_store+0x74/0xd0\n[   14.588889]  r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[   14.588892]  state_store from kobj_attr_store+0x1c/0x28\n[   14.588913]  r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[   14.588916]  kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[   14.588936]  r5:c3502900 r4:c0d92a48\n[   14.588939]  sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[   14.588956]  r5:c3502900 r4:c3501f40\n[   14.588960]  kernfs_fop_write_iter from vfs_write+0x250/0x420\n[   14.588980]  r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[   14.588983]  r4:c042a88c\n[   14.588987]  vfs_write from ksys_write+0x74/0xe4\n[   14.589005]  r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[   14.589008]  r4:c34f7f00\n[   14.589011]  ksys_write from sys_write+0x10/0x14\n[   14.589029]  r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[   14.589032]  sys_write from ret_fast_syscall+0x0/0x5c\n[   14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[   14.589050] 9fa0:                   00000004 00443398 00000004 00443398 00000004 00000001\n[   14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[   14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[   14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:16:07.567Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6f567c6a5250e3531cfd9c7ff254ecc2650464fa"
        },
        {
          "url": "https://git.kernel.org/stable/c/8775581e1c48e1bdd04a893d6f6bbe5128ad0ea7"
        },
        {
          "url": "https://git.kernel.org/stable/c/fbcb584efa5cd912ff8a151d67b8fe22f4162a85"
        },
        {
          "url": "https://git.kernel.org/stable/c/9dd161f707ecb7db38e5f529e979a5b6eb565b2d"
        },
        {
          "url": "https://git.kernel.org/stable/c/9bd51723ab51580e077c91d494c37e80703b8524"
        },
        {
          "url": "https://git.kernel.org/stable/c/7266066b9469f04ed1d4c0fdddaea1425835eb55"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2eb3cffb0d972c5503e4d48921971c81def0fe5"
        },
        {
          "url": "https://git.kernel.org/stable/c/659b1f29f3e2fd5d751fdf35c5526d1f1c9b3dd2"
        },
        {
          "url": "https://git.kernel.org/stable/c/ddc210cf8b8a8be68051ad958bf3e2cef6b681c2"
        }
      ],
      "title": "mtd: rawnand: brcmnand: fix PM resume warning",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37840",
    "datePublished": "2025-05-09T06:41:50.015Z",
    "dateReserved": "2025-04-16T04:51:23.952Z",
    "dateUpdated": "2026-05-11T21:16:07.567Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37841 (GCVE-0-2025-37841)

Vulnerability from cvelistv5 – Published: 2025-05-09 06:41 – Updated: 2026-05-11 21:16

Title

pm: cpupower: bench: Prevent NULL dereference on malloc failure

Summary

In the Linux kernel, the following vulnerability has been resolved: pm: cpupower: bench: Prevent NULL dereference on malloc failure If malloc returns NULL due to low memory, 'config' pointer can be NULL. Add a check to prevent NULL dereference.

Severity

No CVSS data available.

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/34a9394794b0f97af…
https://git.kernel.org/stable/c/79bded9d70142d2a1…
https://git.kernel.org/stable/c/0e297a02e03dceb28…
https://git.kernel.org/stable/c/87b9f0867c0afa7e8…
https://git.kernel.org/stable/c/942a4b97fc7751667…
https://git.kernel.org/stable/c/f8d28fa305b78c5d1…
https://git.kernel.org/stable/c/ceec06f464d5cfc0b…
https://git.kernel.org/stable/c/5e38122aa3fd0f978…
https://git.kernel.org/stable/c/208baa3ec9043a664…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < 34a9394794b0f97af6afedc0c9ee2012c24b28ed (git) Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < 79bded9d70142d2a11d931fc029afece471641db (git) Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < 0e297a02e03dceb2874789ca40bd4e65c5371704 (git) Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < 87b9f0867c0afa7e892f4b30c36cff6bf2707f85 (git) Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < 942a4b97fc77516678b1d8af1521ff9a94c13b3e (git) Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < f8d28fa305b78c5d1073b63f26db265ba8291ae1 (git) Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < ceec06f464d5cfc0ba966225f7d50506ceb62242 (git) Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < 5e38122aa3fd0f9788186e86a677925bfec0b2d1 (git) Affected: 7fe2f6399a84760a9af8896ac152728250f82adb , < 208baa3ec9043a664d9acfb8174b332e6b17fb69 (git)
Linux	Linux	Affected: 3.1 Unaffected: 0 , < 3.1 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:17.871Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "tools/power/cpupower/bench/parse.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "34a9394794b0f97af6afedc0c9ee2012c24b28ed",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            },
            {
              "lessThan": "79bded9d70142d2a11d931fc029afece471641db",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            },
            {
              "lessThan": "0e297a02e03dceb2874789ca40bd4e65c5371704",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            },
            {
              "lessThan": "87b9f0867c0afa7e892f4b30c36cff6bf2707f85",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            },
            {
              "lessThan": "942a4b97fc77516678b1d8af1521ff9a94c13b3e",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            },
            {
              "lessThan": "f8d28fa305b78c5d1073b63f26db265ba8291ae1",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            },
            {
              "lessThan": "ceec06f464d5cfc0ba966225f7d50506ceb62242",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            },
            {
              "lessThan": "5e38122aa3fd0f9788186e86a677925bfec0b2d1",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            },
            {
              "lessThan": "208baa3ec9043a664d9acfb8174b332e6b17fb69",
              "status": "affected",
              "version": "7fe2f6399a84760a9af8896ac152728250f82adb",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "tools/power/cpupower/bench/parse.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "lessThan": "3.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.293",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.135",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.88",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "3.1",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:16:08.724Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/34a9394794b0f97af6afedc0c9ee2012c24b28ed"
        },
        {
          "url": "https://git.kernel.org/stable/c/79bded9d70142d2a11d931fc029afece471641db"
        },
        {
          "url": "https://git.kernel.org/stable/c/0e297a02e03dceb2874789ca40bd4e65c5371704"
        },
        {
          "url": "https://git.kernel.org/stable/c/87b9f0867c0afa7e892f4b30c36cff6bf2707f85"
        },
        {
          "url": "https://git.kernel.org/stable/c/942a4b97fc77516678b1d8af1521ff9a94c13b3e"
        },
        {
          "url": "https://git.kernel.org/stable/c/f8d28fa305b78c5d1073b63f26db265ba8291ae1"
        },
        {
          "url": "https://git.kernel.org/stable/c/ceec06f464d5cfc0ba966225f7d50506ceb62242"
        },
        {
          "url": "https://git.kernel.org/stable/c/5e38122aa3fd0f9788186e86a677925bfec0b2d1"
        },
        {
          "url": "https://git.kernel.org/stable/c/208baa3ec9043a664d9acfb8174b332e6b17fb69"
        }
      ],
      "title": "pm: cpupower: bench: Prevent NULL dereference on malloc failure",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37841",
    "datePublished": "2025-05-09T06:41:50.684Z",
    "dateReserved": "2025-04-16T04:51:23.952Z",
    "dateUpdated": "2026-05-11T21:16:08.724Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37844 (GCVE-0-2025-37844)

Vulnerability from cvelistv5 – Published: 2025-05-09 06:41 – Updated: 2026-05-23 15:58

Title

cifs: avoid NULL pointer dereference in dbg call

Summary

In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Severity

No CVSS data available.

Assigner

Linux

References

10 references

URL	Tags
https://git.kernel.org/stable/c/ba3ce6c60cd5db258…
https://git.kernel.org/stable/c/9c9000cb91b986eb7…
https://git.kernel.org/stable/c/b2a1833e1c63e2585…
https://git.kernel.org/stable/c/864ba5c651b03830f…
https://git.kernel.org/stable/c/e0717385f5c51e290…
https://git.kernel.org/stable/c/20048e658652e731f…
https://git.kernel.org/stable/c/6c14ee6af8f1f188b…
https://git.kernel.org/stable/c/b4885bd5935bb26f0…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: e79b0332ae06b4895dcecddf4bbc5d3917e9383c , < ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3 (git) Affected: e79b0332ae06b4895dcecddf4bbc5d3917e9383c , < 9c9000cb91b986eb7f75835340c67857ab97c09b (git) Affected: e79b0332ae06b4895dcecddf4bbc5d3917e9383c , < b2a1833e1c63e2585867ebeaf4dd41494dcede4b (git) Affected: e79b0332ae06b4895dcecddf4bbc5d3917e9383c , < 864ba5c651b03830f36f0906c21af05b15c1aaa6 (git) Affected: e79b0332ae06b4895dcecddf4bbc5d3917e9383c , < e0717385f5c51e290c2cd2ad4699a778316b5132 (git) Affected: e79b0332ae06b4895dcecddf4bbc5d3917e9383c , < 20048e658652e731f5cadf4a695925e570ca0ff9 (git) Affected: e79b0332ae06b4895dcecddf4bbc5d3917e9383c , < 6c14ee6af8f1f188b668afd6d003f7516a507b08 (git) Affected: e79b0332ae06b4895dcecddf4bbc5d3917e9383c , < b4885bd5935bb26f0a414ad55679a372e53f9b9b (git) Affected: 53e83828d352304fec5e19751f38ed8c65e6ec2f (git) Affected: 5.6.7 , < 5.7 (semver)
Linux	Linux	Affected: 5.7 Unaffected: 0 , < 5.7 (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:20.631Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/smb2misc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3",
              "status": "affected",
              "version": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
              "versionType": "git"
            },
            {
              "lessThan": "9c9000cb91b986eb7f75835340c67857ab97c09b",
              "status": "affected",
              "version": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
              "versionType": "git"
            },
            {
              "lessThan": "b2a1833e1c63e2585867ebeaf4dd41494dcede4b",
              "status": "affected",
              "version": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
              "versionType": "git"
            },
            {
              "lessThan": "864ba5c651b03830f36f0906c21af05b15c1aaa6",
              "status": "affected",
              "version": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
              "versionType": "git"
            },
            {
              "lessThan": "e0717385f5c51e290c2cd2ad4699a778316b5132",
              "status": "affected",
              "version": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
              "versionType": "git"
            },
            {
              "lessThan": "20048e658652e731f5cadf4a695925e570ca0ff9",
              "status": "affected",
              "version": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
              "versionType": "git"
            },
            {
              "lessThan": "6c14ee6af8f1f188b668afd6d003f7516a507b08",
              "status": "affected",
              "version": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
              "versionType": "git"
            },
            {
              "lessThan": "b4885bd5935bb26f0a414ad55679a372e53f9b9b",
              "status": "affected",
              "version": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "53e83828d352304fec5e19751f38ed8c65e6ec2f",
              "versionType": "git"
            },
            {
              "lessThan": "5.7",
              "status": "affected",
              "version": "5.6.7",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/smb2misc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.135",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.88",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.6.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: avoid NULL pointer dereference in dbg call\n\ncifs_server_dbg() implies server to be non-NULL so\nmove call under condition to avoid NULL pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T15:58:23.202Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3"
        },
        {
          "url": "https://git.kernel.org/stable/c/9c9000cb91b986eb7f75835340c67857ab97c09b"
        },
        {
          "url": "https://git.kernel.org/stable/c/b2a1833e1c63e2585867ebeaf4dd41494dcede4b"
        },
        {
          "url": "https://git.kernel.org/stable/c/864ba5c651b03830f36f0906c21af05b15c1aaa6"
        },
        {
          "url": "https://git.kernel.org/stable/c/e0717385f5c51e290c2cd2ad4699a778316b5132"
        },
        {
          "url": "https://git.kernel.org/stable/c/20048e658652e731f5cadf4a695925e570ca0ff9"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c14ee6af8f1f188b668afd6d003f7516a507b08"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4885bd5935bb26f0a414ad55679a372e53f9b9b"
        }
      ],
      "title": "cifs: avoid NULL pointer dereference in dbg call",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37844",
    "datePublished": "2025-05-09T06:41:53.224Z",
    "dateReserved": "2025-04-16T04:51:23.953Z",
    "dateUpdated": "2026-05-23T15:58:23.202Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37850 (GCVE-0-2025-37850)

Vulnerability from cvelistv5 – Published: 2025-05-09 06:41 – Updated: 2026-05-11 21:16

Title

pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()

Summary

In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() With CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config() has a divide-by-zero in the following line: do_div(resolution, clk_get_rate(pc->clk_pwms[pwm->hwpwm])); due to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate() returns zero. This is presumably just a theoretical problem: COMPILE_TEST overrides the dependency on RALINK which would select COMMON_CLK. Regardless it's a good idea to check for the error explicitly to avoid divide-by-zero. Fixes the following warning: drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section [ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]

Severity

No CVSS data available.

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/8b9f60725d74b72c2…
https://git.kernel.org/stable/c/e1206d8e1651c9f62…
https://git.kernel.org/stable/c/e3cf0c38d3ce754ad…
https://git.kernel.org/stable/c/f3e9cf266c2c103cf…
https://git.kernel.org/stable/c/8ddbec73ea2598d84…
https://git.kernel.org/stable/c/4cb15042b5f3ec047…
https://git.kernel.org/stable/c/c343856ff2689ce0a…
https://git.kernel.org/stable/c/77fb96dbe350e8a5a…
https://git.kernel.org/stable/c/7ca59947b5fcf94e7…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < 8b9f60725d74b72c238e4437c957d0217746b506 (git) Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < e1206d8e1651c9f62e5640b69b14d925b1a0a00a (git) Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < e3cf0c38d3ce754ad63005102fcfeb0b7ff3290b (git) Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < f3e9cf266c2c103cf071e15d7a17e2c699fff3c5 (git) Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < 8ddbec73ea2598d8414e8f7103241b55cf877010 (git) Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < 4cb15042b5f3ec0474e91cf379120cc597625dbb (git) Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < c343856ff2689ce0afef823592732fc178ef4aac (git) Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < 77fb96dbe350e8a5ae4965ff9f6e7049f3966a6b (git) Affected: caf065f8fd583b43a3f95d84c8a0a0d07597963b , < 7ca59947b5fcf94e7ea4029d1bd0f7c41500a161 (git)
Linux	Linux	Affected: 4.12 Unaffected: 0 , < 4.12 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:24.773Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pwm/pwm-mediatek.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8b9f60725d74b72c238e4437c957d0217746b506",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            },
            {
              "lessThan": "e1206d8e1651c9f62e5640b69b14d925b1a0a00a",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            },
            {
              "lessThan": "e3cf0c38d3ce754ad63005102fcfeb0b7ff3290b",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            },
            {
              "lessThan": "f3e9cf266c2c103cf071e15d7a17e2c699fff3c5",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            },
            {
              "lessThan": "8ddbec73ea2598d8414e8f7103241b55cf877010",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            },
            {
              "lessThan": "4cb15042b5f3ec0474e91cf379120cc597625dbb",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            },
            {
              "lessThan": "c343856ff2689ce0afef823592732fc178ef4aac",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            },
            {
              "lessThan": "77fb96dbe350e8a5ae4965ff9f6e7049f3966a6b",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            },
            {
              "lessThan": "7ca59947b5fcf94e7ea4029d1bd0f7c41500a161",
              "status": "affected",
              "version": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pwm/pwm-mediatek.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.12"
            },
            {
              "lessThan": "4.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.293",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.135",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.88",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK.  Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n  drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:16:19.020Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8b9f60725d74b72c238e4437c957d0217746b506"
        },
        {
          "url": "https://git.kernel.org/stable/c/e1206d8e1651c9f62e5640b69b14d925b1a0a00a"
        },
        {
          "url": "https://git.kernel.org/stable/c/e3cf0c38d3ce754ad63005102fcfeb0b7ff3290b"
        },
        {
          "url": "https://git.kernel.org/stable/c/f3e9cf266c2c103cf071e15d7a17e2c699fff3c5"
        },
        {
          "url": "https://git.kernel.org/stable/c/8ddbec73ea2598d8414e8f7103241b55cf877010"
        },
        {
          "url": "https://git.kernel.org/stable/c/4cb15042b5f3ec0474e91cf379120cc597625dbb"
        },
        {
          "url": "https://git.kernel.org/stable/c/c343856ff2689ce0afef823592732fc178ef4aac"
        },
        {
          "url": "https://git.kernel.org/stable/c/77fb96dbe350e8a5ae4965ff9f6e7049f3966a6b"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ca59947b5fcf94e7ea4029d1bd0f7c41500a161"
        }
      ],
      "title": "pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37850",
    "datePublished": "2025-05-09T06:41:57.784Z",
    "dateReserved": "2025-04-16T04:51:23.954Z",
    "dateUpdated": "2026-05-11T21:16:19.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37851 (GCVE-0-2025-37851)

Vulnerability from cvelistv5 – Published: 2025-05-09 06:41 – Updated: 2026-05-11 21:16

Title

fbdev: omapfb: Add 'plane' value check

Summary

In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB of the enum parameter plane. The value of this parameter is initialized in dss_init_overlays and in the current state of the code it cannot take this value so it's not a real problem. For the purposes of defensive coding it wouldn't be superfluous to check the parameter value, because some functions down the call stack process this value correctly and some not. For example, in dispc_ovl_setup_global_alpha it may lead to buffer overflow. Add check for this value. Found by Linux Verification Center (linuxtesting.org) with SVACE static analysis tool.

Severity

No CVSS data available.

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/a570efb4d877adbf3…
https://git.kernel.org/stable/c/cdf41d72e8b015d9e…
https://git.kernel.org/stable/c/09dbf22fd68c2f1a8…
https://git.kernel.org/stable/c/660a53a0694d1f378…
https://git.kernel.org/stable/c/fda15c5b96b883d62…
https://git.kernel.org/stable/c/52eafaa56f8f6d6a0…
https://git.kernel.org/stable/c/9b0a41589ee70529b…
https://git.kernel.org/stable/c/4efd8ef5e40f2c7a4…
https://git.kernel.org/stable/c/3e411827f31db7f93…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < a570efb4d877adbf3db2dc95487f2ba6bfdd148a (git) Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < cdf41d72e8b015d9ea68f5a1c0a79624e7c312aa (git) Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < 09dbf22fd68c2f1a81ab89670ffa1ec3033436c4 (git) Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < 660a53a0694d1f3789802509fe729dd4656fc5e0 (git) Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < fda15c5b96b883d62fb2d84a3a1422aa87717897 (git) Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < 52eafaa56f8f6d6a0cdff9282b25b4acbde34edc (git) Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < 9b0a41589ee70529b20e1e0108d03f10c649bdc4 (git) Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < 4efd8ef5e40f2c7a4a91a5a9f03140bfa827da89 (git) Affected: 559d67018950ced65c73358cd69c4bdd2b0c5dd6 , < 3e411827f31db7f938a30a3c7a7599839401ec30 (git)
Linux	Linux	Affected: 2.6.33 Unaffected: 0 , < 2.6.33 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:27.631Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/video/fbdev/omap2/omapfb/dss/dispc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a570efb4d877adbf3db2dc95487f2ba6bfdd148a",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            },
            {
              "lessThan": "cdf41d72e8b015d9ea68f5a1c0a79624e7c312aa",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            },
            {
              "lessThan": "09dbf22fd68c2f1a81ab89670ffa1ec3033436c4",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            },
            {
              "lessThan": "660a53a0694d1f3789802509fe729dd4656fc5e0",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            },
            {
              "lessThan": "fda15c5b96b883d62fb2d84a3a1422aa87717897",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            },
            {
              "lessThan": "52eafaa56f8f6d6a0cdff9282b25b4acbde34edc",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            },
            {
              "lessThan": "9b0a41589ee70529b20e1e0108d03f10c649bdc4",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            },
            {
              "lessThan": "4efd8ef5e40f2c7a4a91a5a9f03140bfa827da89",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            },
            {
              "lessThan": "3e411827f31db7f938a30a3c7a7599839401ec30",
              "status": "affected",
              "version": "559d67018950ced65c73358cd69c4bdd2b0c5dd6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/video/fbdev/omap2/omapfb/dss/dispc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.33"
            },
            {
              "lessThan": "2.6.33",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.293",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.135",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.88",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "2.6.33",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:16:20.174Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a570efb4d877adbf3db2dc95487f2ba6bfdd148a"
        },
        {
          "url": "https://git.kernel.org/stable/c/cdf41d72e8b015d9ea68f5a1c0a79624e7c312aa"
        },
        {
          "url": "https://git.kernel.org/stable/c/09dbf22fd68c2f1a81ab89670ffa1ec3033436c4"
        },
        {
          "url": "https://git.kernel.org/stable/c/660a53a0694d1f3789802509fe729dd4656fc5e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/fda15c5b96b883d62fb2d84a3a1422aa87717897"
        },
        {
          "url": "https://git.kernel.org/stable/c/52eafaa56f8f6d6a0cdff9282b25b4acbde34edc"
        },
        {
          "url": "https://git.kernel.org/stable/c/9b0a41589ee70529b20e1e0108d03f10c649bdc4"
        },
        {
          "url": "https://git.kernel.org/stable/c/4efd8ef5e40f2c7a4a91a5a9f03140bfa827da89"
        },
        {
          "url": "https://git.kernel.org/stable/c/3e411827f31db7f938a30a3c7a7599839401ec30"
        }
      ],
      "title": "fbdev: omapfb: Add \u0027plane\u0027 value check",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37851",
    "datePublished": "2025-05-09T06:41:58.466Z",
    "dateReserved": "2025-04-16T04:51:23.955Z",
    "dateUpdated": "2026-05-11T21:16:20.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-37857 (GCVE-0-2025-37857)

Vulnerability from cvelistv5 – Published: 2025-05-09 06:42 – Updated: 2026-05-11 21:16

Title

scsi: st: Fix array overflow in st_setup()

Summary

In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup() Change the array size to follow parms size instead of a fixed value.

Severity

No CVSS data available.

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/736ae988bfb5932c0…
https://git.kernel.org/stable/c/574b399a7fb6ae71c…
https://git.kernel.org/stable/c/c6015d0f7a2236ddb…
https://git.kernel.org/stable/c/f746fe0c51e044d12…
https://git.kernel.org/stable/c/e4d1ca0a84a6650d3…
https://git.kernel.org/stable/c/7fe3b4deed8b93609…
https://git.kernel.org/stable/c/e6b585d016c47ca8a…
https://git.kernel.org/stable/c/ad4c3037dc77739a6…
https://git.kernel.org/stable/c/a018d1cf990d0c339…
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < 736ae988bfb5932c05625baff70fba224d547c08 (git) Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < 574b399a7fb6ae71c97e26d122205c4a720c0e43 (git) Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < c6015d0f7a2236ddb3928b2dfcb1c556a1368b55 (git) Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < f746fe0c51e044d1248dc67918328bfb3d86b639 (git) Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96 (git) Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < 7fe3b4deed8b93609058c37c9a11df1d2b2c0423 (git) Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < e6b585d016c47ca8a37b92ea8a3fe35c0b585256 (git) Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < ad4c3037dc77739a625246a2a0fb23b8f3402c06 (git) Affected: 2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 , < a018d1cf990d0c339fe0e29b762ea5dc10567d67 (git)
Linux	Linux	Affected: 3.19 Unaffected: 0 , < 3.19 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:56:33.197Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/st.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "736ae988bfb5932c05625baff70fba224d547c08",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            },
            {
              "lessThan": "574b399a7fb6ae71c97e26d122205c4a720c0e43",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            },
            {
              "lessThan": "c6015d0f7a2236ddb3928b2dfcb1c556a1368b55",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            },
            {
              "lessThan": "f746fe0c51e044d1248dc67918328bfb3d86b639",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            },
            {
              "lessThan": "e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            },
            {
              "lessThan": "7fe3b4deed8b93609058c37c9a11df1d2b2c0423",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            },
            {
              "lessThan": "e6b585d016c47ca8a37b92ea8a3fe35c0b585256",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            },
            {
              "lessThan": "ad4c3037dc77739a625246a2a0fb23b8f3402c06",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            },
            {
              "lessThan": "a018d1cf990d0c339fe0e29b762ea5dc10567d67",
              "status": "affected",
              "version": "2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/st.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.19"
            },
            {
              "lessThan": "3.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.293",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.237",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.181",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.135",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.88",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.24",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.12",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: st: Fix array overflow in st_setup()\n\nChange the array size to follow parms size instead of a fixed value."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:16:27.166Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/736ae988bfb5932c05625baff70fba224d547c08"
        },
        {
          "url": "https://git.kernel.org/stable/c/574b399a7fb6ae71c97e26d122205c4a720c0e43"
        },
        {
          "url": "https://git.kernel.org/stable/c/c6015d0f7a2236ddb3928b2dfcb1c556a1368b55"
        },
        {
          "url": "https://git.kernel.org/stable/c/f746fe0c51e044d1248dc67918328bfb3d86b639"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96"
        },
        {
          "url": "https://git.kernel.org/stable/c/7fe3b4deed8b93609058c37c9a11df1d2b2c0423"
        },
        {
          "url": "https://git.kernel.org/stable/c/e6b585d016c47ca8a37b92ea8a3fe35c0b585256"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad4c3037dc77739a625246a2a0fb23b8f3402c06"
        },
        {
          "url": "https://git.kernel.org/stable/c/a018d1cf990d0c339fe0e29b762ea5dc10567d67"
        }
      ],
      "title": "scsi: st: Fix array overflow in st_setup()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37857",
    "datePublished": "2025-05-09T06:42:05.258Z",
    "dateReserved": "2025-04-16T04:51:23.956Z",
    "dateUpdated": "2026-05-11T21:16:27.166Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTFR-2025-AVI-0670

Solutions

CVE-2025-37830 (GCVE-0-2025-37830)

CVE-2025-37836 (GCVE-0-2025-37836)

CVE-2025-37838 (GCVE-0-2025-37838)

CVE-2025-37839 (GCVE-0-2025-37839)

CVE-2025-37840 (GCVE-0-2025-37840)

CVE-2025-37841 (GCVE-0-2025-37841)

CVE-2025-37844 (GCVE-0-2025-37844)

CVE-2025-37850 (GCVE-0-2025-37850)

CVE-2025-37851 (GCVE-0-2025-37851)

CVE-2025-37857 (GCVE-0-2025-37857)

Tags

Sightings

Nomenclature