CVE-2025-6365
MEDIUMHobbesOSR Kitten < 2023-05-18 - Denial of Service via set_pte_at Function
Title source: llmDescription
A vulnerability was found in HobbesOSR Kitten up to c4f8b7c3158983d1020af432be1b417b28686736 and classified as critical. Affected by this issue is the function set_pte_at in the library /include/arch-arm64/pgtable.h. The manipulation leads to resource consumption. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.313358
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.313358
Third Party Advisory, VDB Entry third-party-advisory
https://vuldb.com/?submit.597382
Exploit, Issue Tracking, Vendor Advisory issue-tracking
https://github.com/HobbesOSR/kitten/issues/17
Scores
CVSS v3
5.7
EPSS
0.0065
EPSS Percentile
46.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-835
CWE-400
CWE-404
Status
published
Products (1)
hobbesosr/kitten
< 2023-05-18
Published
Jun 20, 2025
Tracked Since
Feb 18, 2026