Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-37803

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.

Published

2025-05-08T07:15:51.467

Last Modified

2025-11-03T20:18:36.007

Status

Modified

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-120
Type: Secondary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 5.4.293	Yes
Operating System	linux	linux_kernel	< 5.10.237	Yes
Operating System	linux	linux_kernel	< 5.15.181	Yes
Operating System	linux	linux_kernel	< 6.1.136	Yes
Operating System	linux	linux_kernel	< 6.6.89	Yes
Operating System	linux	linux_kernel	< 6.14.5	Yes
Operating System	linux	linux_kernel	6.15	Yes

References

https://git.kernel.org/stable/c/021ba7f1babd029e714d13a6bf2571b08af96d0f Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/13fe12c037b470321436deec393030c6153cfeb9 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/29b65a3171a49c9b69f31035146be966cec40b7a (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/2b8419c6ecf69007dcff54ea0b9f0b215282c55a Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/373512760e13fdaa726faa9502d0f5be2abb3d33 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/3f6c9d66e0f8eb9679b57913aa64b4d2266f6fbe Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/b2ff4e9c599b000833d16a917f519aa2e4a75de2 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/e84a08fc7e25cdad5d9a3def42cc770ff711193f Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html (af854a3a-2127-422b-91ae-364da2661108)