CVE-2025-37902 - Vulnerability Details

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Advisories

Source	ID	Title
Debian DSA	DSA-5925-1	linux security update
EUVD	EUVD-2025-15935	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://lore.kernel.org/linux-cve-announce/2025052056-CVE-2025-37902-40c3@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-37902
https://www.cve.org/CVERecord?id=CVE-2025-37902

History

Wed, 18 Jun 2025 16:00:00 +0000

Type	Values Removed	Values Added
Metrics	threat_severity `Moderate`	threat_severity `None`

Mon, 26 May 2025 11:45:00 +0000

Type	Values Removed	Values Added
References	https://git.kernel.org/stable/c/4c4f168b46229d527bda801ef15ad793b069f0ae https://git.kernel.org/stable/c/a27cbadb995fa4cca90cefd74332c55c2c26616b https://git.kernel.org/stable/c/aaa763ab8cecae6308c5ec7f309e1bc3a7ebd29f https://git.kernel.org/stable/c/db62809197658954a67b446c30677bc25baaf9f3 https://git.kernel.org/stable/c/ed3248a403740a623c73afd95f88cc37e0cd3ad2 https://git.kernel.org/stable/c/f1aff4bc199cb92c055668caed65505e3b4d2656

Mon, 26 May 2025 10:30:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: dm: fix copying after src array boundaries The blammed commit copied to argv the size of the reallocated argv, instead of the size of the old_argv, thus reading and copying from past the old_argv allocated memory. Following BUG_ON was hit: [ 3.038929][ T1] kernel BUG at lib/string_helpers.c:1040! [ 3.039147][ T1] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP ... [ 3.056489][ T1] Call trace: [ 3.056591][ T1] __fortify_panic+0x10/0x18 (P) [ 3.056773][ T1] dm_split_args+0x20c/0x210 [ 3.056942][ T1] dm_table_add_target+0x13c/0x360 [ 3.057132][ T1] table_load+0x110/0x3ac [ 3.057292][ T1] dm_ctl_ioctl+0x424/0x56c [ 3.057457][ T1] __arm64_sys_ioctl+0xa8/0xec [ 3.057634][ T1] invoke_syscall+0x58/0x10c [ 3.057804][ T1] el0_svc_common+0xa8/0xdc [ 3.057970][ T1] do_el0_svc+0x1c/0x28 [ 3.058123][ T1] el0_svc+0x50/0xac [ 3.058266][ T1] el0t_64_sync_handler+0x60/0xc4 [ 3.058452][ T1] el0t_64_sync+0x1b0/0x1b4 [ 3.058620][ T1] Code: f800865e a9bf7bfd 910003fd 941f48aa (d4210000) [ 3.058897][ T1] ---[ end trace 0000000000000000 ]--- [ 3.059083][ T1] Kernel panic - not syncing: Oops - BUG: Fatal exception Fix it by copying the size of src, and not the size of dst, as it was.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title	dm: fix copying after src array boundaries	kernel: dm: fix copying after src array boundaries

Thu, 22 May 2025 02:45:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025052056-CVE-2025-37902-40c3@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-37902 https://www.cve.org/CVERecord?id=CVE-2025-37902
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Tue, 20 May 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: dm: fix copying after src array boundaries The blammed commit copied to argv the size of the reallocated argv, instead of the size of the old_argv, thus reading and copying from past the old_argv allocated memory. Following BUG_ON was hit: [ 3.038929][ T1] kernel BUG at lib/string_helpers.c:1040! [ 3.039147][ T1] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP ... [ 3.056489][ T1] Call trace: [ 3.056591][ T1] __fortify_panic+0x10/0x18 (P) [ 3.056773][ T1] dm_split_args+0x20c/0x210 [ 3.056942][ T1] dm_table_add_target+0x13c/0x360 [ 3.057132][ T1] table_load+0x110/0x3ac [ 3.057292][ T1] dm_ctl_ioctl+0x424/0x56c [ 3.057457][ T1] __arm64_sys_ioctl+0xa8/0xec [ 3.057634][ T1] invoke_syscall+0x58/0x10c [ 3.057804][ T1] el0_svc_common+0xa8/0xdc [ 3.057970][ T1] do_el0_svc+0x1c/0x28 [ 3.058123][ T1] el0_svc+0x50/0xac [ 3.058266][ T1] el0t_64_sync_handler+0x60/0xc4 [ 3.058452][ T1] el0t_64_sync+0x1b0/0x1b4 [ 3.058620][ T1] Code: f800865e a9bf7bfd 910003fd 941f48aa (d4210000) [ 3.058897][ T1] ---[ end trace 0000000000000000 ]--- [ 3.059083][ T1] Kernel panic - not syncing: Oops - BUG: Fatal exception Fix it by copying the size of src, and not the size of dst, as it was.
Title		dm: fix copying after src array boundaries
References		https://git.kernel.org/stable/c/4c4f168b46229d527bda801ef15ad793b069f0ae https://git.kernel.org/stable/c/a27cbadb995fa4cca90cefd74332c55c2c26616b https://git.kernel.org/stable/c/aaa763ab8cecae6308c5ec7f309e1bc3a7ebd29f https://git.kernel.org/stable/c/db62809197658954a67b446c30677bc25baaf9f3 https://git.kernel.org/stable/c/ed3248a403740a623c73afd95f88cc37e0cd3ad2 https://git.kernel.org/stable/c/f1aff4bc199cb92c055668caed65505e3b4d2656

Projects

Sign in to view the affected projects.

MITRE

Status: REJECTED

Assigner: Linux

Published: 2025-05-20T15:21:36.708Z

Updated: 2025-05-26T10:17:48.887Z

Reserved: 2025-04-16T04:51:23.965Z

Link: CVE-2025-37902

Vulnrichment

No data.

NVD

Status : Rejected

Published: 2025-05-20T16:15:26.560

Modified: 2025-05-26T11:15:24.460

Link: CVE-2025-37902

Redhat

Severity :

Publid Date: 2025-05-20T00:00:00Z

Links: CVE-2025-37902 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object