PT-2025-20535 · Linux+5 · Linux Kernel+5

Published

2025-03-04

Updated

2026-05-26

CVE-2025-37883

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A null pointer dereference issue has been resolved in the Linux kernel. The problem occurred due to the lack of a check for the return value of get zeroed page() in sclp console init(). Additionally, a memory leak was caused by loop allocation, which has been addressed by adding a free helper to handle the deallocation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Overflow

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-476

Related Identifiers

BDU:2025-11906

CVE-2025-37883

DLA-4193-1

ECHO-AE4A-1EA3-A678

MGASA-2025-0182

MGASA-2025-0183

USN-7594-1

USN-7594-2

USN-7594-3

USN-7654-1

USN-7654-2

USN-7654-3

USN-7654-4

USN-7654-5

USN-7655-1

USN-7686-1

USN-7711-1

USN-7712-1

USN-7712-2

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2025-20535 · Linux+5 · Linux Kernel+5

CVE-2025-37883

Weakness Enumeration

Related Identifiers

Affected Products

References · 1540