CVE-2025-37902

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the dm module. The issue occurred when the dm split args function copied data from the old argv array to the argv array, using the size of the reallocated argv instead of the size of old argv. This resulted in reading and copying data from past the allocated memory of old argv, leading to a kernel panic. The call trace indicates that the issue occurred in the dm table add target function, which is called by table load and dm ctl ioctl. The estimated number of potentially affected devices is not available.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.