CVE-2025-37857

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically an array overflow in the st setup() function. The issue was addressed by changing the array size to follow the parms size instead of a fixed value.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-125

Related Identifiers

BDU:2025-11867

CVE-2025-37857

DLA-4178-1

DLA-4193-1

ECHO-6E5E-4FC1-90D6

OESA-2025-1625

OESA-2025-1629

USN-7594-1

USN-7594-2

USN-7594-3

USN-7654-1

USN-7654-2

USN-7654-3

USN-7654-4

USN-7654-5

USN-7655-1

USN-7686-1

USN-7711-1

USN-7712-1

USN-7712-2

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Ubuntu

CVE-2025-37857

Weakness Enumeration

Related Identifiers

Affected Products

References · 1554