PT-2025-22160 · Linux+3 · Linux Kernel+3
Published
2025-02-05
·
Updated
2025-08-28
·
CVE-2025-37898
CVSS v2.0
6.0
Medium
| Vector | AV:L/AC:H/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A vulnerability in the Linux kernel has been resolved, related to the powerpc64/ftrace module loading without patchable function entries. The
get stubs size function assumes that there must always be at least one patchable function entry, which is not always the case, particularly for modules that export data but no code. This issue causes the section header sh size to be set to -ENOEXEC, leading to a failed allocation during module memory alloc() due to vmalloc node range() checking for zero-sized allocations. This results in a warning and the inability to allocate memory for module loading.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Resource Exhaustion
Improper Resource Release
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Ubuntu