PT-2025-20491 · Linux+6 · Linux Kernel+6

Published

2025-03-04

·

Updated

2026-05-26

·

CVE-2025-37840

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.14.0-rc4-g5394eea10651
Description A vulnerability in the Linux kernel has been resolved, specifically in the mtd: rawnand: brcmnand module. The issue caused a warning on PM resume due to an uninitialized struct nand operation that checks the chip select field. The warning was triggered by the nand reset op() function. The fix uses the higher-level nand reset(chip, chipnr) function, where chipnr equals 0, to comply with the controller's support for single-die NAND chips.
Recommendations For Linux kernel versions prior to 6.14.0-rc4-g5394eea10651, update to a newer version that includes the fix for the PM resume warning issue.

Exploit

Fix

Access of Uninitialized Pointer

Weakness Enumeration

CWE-824

Related Identifiers

BDU:2025-12329
CVE-2025-37840
DLA-4178-1
DLA-4193-1
ECHO-390E-03BE-8B61
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_02000-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1
USN-7711-1
USN-7712-1
USN-7712-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu