Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-37803

Опубликовано: 08 мая 2025
Источник: redhat
CVSS3: 7
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.

A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabuf_create() function, which calculates the page count limit (pglimit) using the variable size_limit_mb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect page limit checks and allocating a larger DMA buffer than permitted. This issue can lead to memory corruption, system instability, and a denial of service.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected
Red Hat Enterprise Linux 10kernelFixedRHSA-2025:1544708.09.2025
Red Hat Enterprise Linux 9kernelFixedRHSA-2025:1542908.09.2025
Red Hat Enterprise Linux 9kernelFixedRHSA-2025:1542908.09.2025
Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionskernelFixedRHSA-2025:1157123.07.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-120
https://bugzilla.redhat.com/show_bug.cgi?id=2365013kernel: udmabuf: fix a buf size overflow issue during udmabuf creation

EPSS

Процентиль: 2%
0.00014
Низкий

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-37803

CVSS3: 7.8
ubuntu
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.

nvd логотип

CVE-2025-37803

CVSS3: 7.8
nvd
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.

msrc логотип

CVE-2025-37803

CVSS3: 7.8
msrc
4 месяца назад

Описание отсутствует

debian логотип

CVE-2025-37803

CVSS3: 7.8
debian
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: u ...

github логотип

GHSA-42fq-x79v-5vv5

CVSS3: 7.8
github
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.

EPSS

Процентиль: 2%
0.00014
Низкий

7 High

CVSS3