CVE-2025-37779

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the lib/iov iter component. The issue is a folio use-after-free (UAF) problem that occurs when testing EROFS file-backed mount over v9fs on qemu. The root cause is that pages in bvec are coalesced across a folio boundary, and the refcount of all non-slab folios should be increased to ensure p9 releas pages can put them correctly. This results in a bad page state, as reported by the page sanity check.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.