PT-2025-20517 · Linux+6 · Linux Kernel+6
Published
2025-04-09
·
Updated
2026-05-26
·
CVE-2025-37867
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.11.0-rc6+
Description
A vulnerability in the Linux kernel has been resolved, related to an oversized kvmalloc() warning triggered by syzkaller. The warning occurs in the mm/util.c file at line 665, specifically in the kvmalloc node noprof function. This issue is resolved by adding GFP NOWARN to silence the warning.
Recommendations
For Linux kernel versions prior to 6.11.0-rc6+, update to a version that includes the fix for the oversized kvmalloc() warning.
As a temporary workaround, consider disabling the
ib umem odp get function and related mlx5 ib reg user mr and ib uverbs reg mr functions until a patch is available.
Restrict access to the vulnerable mm/util.c file and related functions to minimize the risk of exploitation.Exploit
Fix
Improper Check for Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu