CVE-2025-37892

HIGH EPSS 6.0%
Published May 20, 2025 (1y ago) · Modified Jun 17, 2026 (2w ago)
7.8 CVSS 3.1

Description

In the Linux kernel, the following vulnerability has been resolved:

mtd: inftlcore: Add error check for inftl_read_oob()

In INFTL_findwriteunit(), the return value of inftl_read_oob() needs to be checked. A proper implementation can be found in INFTL_deleteblock(). The status will be set as SECTOR_IGNORE to break from the while-loop correctly if inftl_read_oob() fails.
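The following user-space model is an added example, not kernel source or code from the patch. It shows why ignoring the read's return value matters: a failed read leaves the status buffer holding stale bytes, which the caller then interprets as a real sector status. `model_read_oob()`, `struct unit`, `pick_free_unit()`, the `stale` parameter and the status byte values are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Status bytes assumed for this model. */
#define SECTOR_FREE   0xff
#define SECTOR_USED   0x55
#define SECTOR_IGNORE 0x11

struct bci  { unsigned char Status, Status1; };
struct unit { int read_fails; unsigned char on_flash; };  /* hypothetical */

/* Stand-in for inftl_read_oob(): on failure returns < 0, *out untouched. */
static int model_read_oob(const struct unit *u, struct bci *out)
{
    if (u->read_fails)
        return -1;
    out->Status = out->Status1 = u->on_flash;
    return 0;
}

/* `stale` pre-fills bci, standing in for leftover stack bytes. */
static int unit_status(const struct unit *u, unsigned char stale, int check_ret)
{
    struct bci bci;

    memset(&bci, stale, sizeof(bci));
    if (model_read_oob(u, &bci) < 0 && check_ret)
        return SECTOR_IGNORE;          /* checked: failed read is ignored */
    return bci.Status | bci.Status1;   /* unchecked: may be stale data */
}

/* Simplified scan: index of the first unit seen as free, or -1 if none. */
static int pick_free_unit(const struct unit *units, int n,
                          unsigned char stale, int check_ret)
{
    for (int i = 0; i < n; i++)
        if (unit_status(&units[i], stale, check_ret) == SECTOR_FREE)
            return i;
    return -1;
}

/* Constructed sample: unit 0 is used, unit 1 cannot be read, unit 2 is free. */
static const struct unit sample[] = { {0, SECTOR_USED}, {1, 0}, {0, SECTOR_FREE} };

int main(void)
{
    printf("unchecked picks unit %d\n", pick_free_unit(sample, 3, 0xff, 0));
    printf("checked picks unit %d\n", pick_free_unit(sample, 3, 0xff, 1));
    return 0;
}
```

With the check disabled, the unreadable unit is selected because the stale bytes happen to look like a free sector; with the check enabled it is skipped.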

CVSS Details

Base Score 7.8
Exploitability 1.8
Impact 5.9
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
6.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 10

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥2.6.18 – <5.4.293
linux    linux_kernel   *         ≥5.5 – <5.10.237
linux    linux_kernel   *         ≥5.11 – <5.15.181
linux    linux_kernel   *         ≥5.16 – <6.1.135
linux    linux_kernel   *         ≥6.2 – <6.6.88
linux    linux_kernel   *         ≥6.7 – <6.12.24
linux    linux_kernel   *         ≥6.13 – <6.13.12
linux    linux_kernel   *         ≥6.14 – <6.14.3
linux    linux_kernel   6.15      any
debian   debian_linux   11.0      any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/0300e751170cf80c05ca1a762a7b449e8ca6b693
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/114d94f095aa405fa9a51484c4be34846d7bb386
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1c22356dfb041e5292835c9ff44d5f91bef8dd18
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5479a6af3c96f73bec2d2819532b6d6814f52dd6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6af3b92b1c0b58ca281d0e1501bad2567f73c1a5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7772621041ee78823ccc5f1fe38f6faa22af7023
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b828d394308e8e00df0a6f57e7dabae609bb8b7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d027951dc85cb2e15924c980dc22a6754d100c7c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
    Mailing List, Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0300e751170cf80c05ca1a762a7b449e8ca6b693
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/114d94f095aa405fa9a51484c4be34846d7bb386
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1c22356dfb041e5292835c9ff44d5f91bef8dd18
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5479a6af3c96f73bec2d2819532b6d6814f52dd6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6af3b92b1c0b58ca281d0e1501bad2567f73c1a5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7772621041ee78823ccc5f1fe38f6faa22af7023
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b828d394308e8e00df0a6f57e7dabae609bb8b7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d027951dc85cb2e15924c980dc22a6754d100c7c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e
    Patch