CVE-2025-37978
MEDIUM EPSS 4.3%
Published May 20, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published May 20, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: block: integrity: Do not call set_page_dirty_lock() Placing multiple protection information buffers inside the same page can lead to oopses because set_page_dirty_lock() can't be called from interrupt context. Since a protection information buffer is not backed by a file there is no point in setting its page dirty, there is nothing to synchronize. Drop the call to set_page_dirty_lock() and remove the last argument to bio_integrity_unpin_bvec().
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
4.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 4
References 3
- git.kernel.org https://git.kernel.org/stable/c/39e160505198ff8c158f11bce2ba19809a756e8b
- git.kernel.org https://git.kernel.org/stable/c/9487fc1a10b3aa89feb24e7cedeccaaf63074617
- git.kernel.org https://git.kernel.org/stable/c/c38a005e6efb9ddfa06bd8353b82379d6fd5d6c4
Remediation
- git.kernel.org https://git.kernel.org/stable/c/39e160505198ff8c158f11bce2ba19809a756e8b
- git.kernel.org https://git.kernel.org/stable/c/9487fc1a10b3aa89feb24e7cedeccaaf63074617
- git.kernel.org https://git.kernel.org/stable/c/c38a005e6efb9ddfa06bd8353b82379d6fd5d6c4