CVE-2025-37803

HIGH

Linux Kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.

References (10)

Core 10

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html

Mailing List

https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Patch

https://git.kernel.org/stable/c/29b65a3171a49c9b69f31035146be966cec40b7a

Patch

https://git.kernel.org/stable/c/021ba7f1babd029e714d13a6bf2571b08af96d0f

Patch

https://git.kernel.org/stable/c/13fe12c037b470321436deec393030c6153cfeb9

Patch

https://git.kernel.org/stable/c/2b8419c6ecf69007dcff54ea0b9f0b215282c55a

Patch

https://git.kernel.org/stable/c/373512760e13fdaa726faa9502d0f5be2abb3d33

Patch

https://git.kernel.org/stable/c/3f6c9d66e0f8eb9679b57913aa64b4d2266f6fbe

Patch

https://git.kernel.org/stable/c/b2ff4e9c599b000833d16a917f519aa2e4a75de2

Patch

https://git.kernel.org/stable/c/e84a08fc7e25cdad5d9a3def42cc770ff711193f

Scores

CVSS v3 7.8

EPSS 0.0005

EPSS Percentile 15.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (9)

linux/Kernel 4.20.0 - 5.4.293linux

linux/Kernel 5.11.0 - 5.15.181linux

linux/Kernel 5.16.0 - 6.1.136linux

linux/Kernel 5.5.0 - 5.10.237linux

linux/Kernel 6.13.0 - 6.14.5linux

linux/Kernel 6.2.0 - 6.6.89linux

linux/Kernel 6.7.0 - 6.12.57linux

linux/linux_kernel 6.15 rc1

linux/linux_kernel < 5.4.293

Published May 08, 2025

Tracked Since Feb 18, 2026