CVE-2025-37782

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-37782
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

04 Jun 2025, 11:15

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hfs/hfsplus: se corrige slab-out-of-bounds en hfs_bnode_read_key Syzbot informó de un problema en el subsistema hfs: ERROR: KASAN: slab-out-of-bounds en memcpy_from_page include/linux/highmem.h:423 [en línea] ERROR: KASAN: slab-out-of-bounds en hfs_bnode_read fs/hfs/bnode.c:35 [en línea] ERROR: KASAN: slab-out-of-bounds en hfs_bnode_read_key+0x314/0x450 fs/hfs/bnode.c:70 Escritura de tamaño 94 en la dirección ffff8880123cd100 por la tarea syz-executor237/5102 Rastreo de llamadas: __dump_stack lib/dump_stack.c:94 [en línea] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [en línea] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106 memcpy_from_page include/linux/highmem.h:423 [en línea] hfs_bnode_read fs/hfs/bnode.c:35 [en línea] hfs_bnode_read_key+0x314/0x450 fs/hfs/bnode.c:70 hfs_brec_insert+0x7f3/0xbd0 fs/hfs/brec.c:159 hfs_cat_create+0x41d/0xa50 fs/hfs/catalog.c:118 hfs_mkdir+0x6c/0xe0 fs/hfs/dir.c:232 vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257 do_mkdirat+0x264/0x3a0 fs/namei.c:4280 __do_sys_mkdir fs/namei.c:4300 [en línea] __se_sys_mkdir fs/namei.c:4298 [en línea] __x64_sys_mkdir+0x6c/0x80 fs/namei.c:4298 do_syscall_x64 arch/x86/entry/common.c:52 [en línea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fbdd6057a99 Se ha añadido una comprobación de la longitud de la clave en hfs_bnode_read_key para evitar el acceso a memoria fuera de los límites. Si la longitud de la clave no es válida, se borra el búfer de claves, lo que mejora la estabilidad y la fiabilidad.
Summary (en) In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key Syzbot reported an issue in hfs subsystem: BUG: KASAN: slab-out-of-bounds in memcpy_from_page include/linux/highmem.h:423 [inline] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read fs/hfs/bnode.c:35 [inline] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read_key+0x314/0x450 fs/hfs/bnode.c:70 Write of size 94 at addr ffff8880123cd100 by task syz-executor237/5102 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106 memcpy_from_page include/linux/highmem.h:423 [inline] hfs_bnode_read fs/hfs/bnode.c:35 [inline] hfs_bnode_read_key+0x314/0x450 fs/hfs/bnode.c:70 hfs_brec_insert+0x7f3/0xbd0 fs/hfs/brec.c:159 hfs_cat_create+0x41d/0xa50 fs/hfs/catalog.c:118 hfs_mkdir+0x6c/0xe0 fs/hfs/dir.c:232 vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257 do_mkdirat+0x264/0x3a0 fs/namei.c:4280 __do_sys_mkdir fs/namei.c:4300 [inline] __se_sys_mkdir fs/namei.c:4298 [inline] __x64_sys_mkdir+0x6c/0x80 fs/namei.c:4298 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fbdd6057a99 Add a check for key length in hfs_bnode_read_key to prevent out-of-bounds memory access. If the key length is invalid, the key buffer is cleared, improving stability and reliability. (en) Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
References
  • {'url': 'https://git.kernel.org/stable/c/0296f9733543c7c8e666e69da743cfffd32dd805', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/8060afd77761eac2048db12fb0510d76ce0cf1f3', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/84e8719c087e68c967975b78e67be54f697c957f', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/9c93fb4ad8d3b730afe1a09949ebbea64d4f60eb', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/9f77aa584a659b21211a794e53522e6fb16d4a16', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/a33c035df01d1e008874607da74bf7cf45152f47', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/bb5e07cb927724e0b47be371fa081141cfb14414', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/f6651c04191d49907d40f0891bbe51ef9703c792', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}

02 May 2025, 13:53

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hfs/hfsplus: se corrige slab-out-of-bounds en hfs_bnode_read_key Syzbot informó de un problema en el subsistema hfs: ERROR: KASAN: slab-out-of-bounds en memcpy_from_page include/linux/highmem.h:423 [en línea] ERROR: KASAN: slab-out-of-bounds en hfs_bnode_read fs/hfs/bnode.c:35 [en línea] ERROR: KASAN: slab-out-of-bounds en hfs_bnode_read_key+0x314/0x450 fs/hfs/bnode.c:70 Escritura de tamaño 94 en la dirección ffff8880123cd100 por la tarea syz-executor237/5102 Rastreo de llamadas: __dump_stack lib/dump_stack.c:94 [en línea] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [en línea] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106 memcpy_from_page include/linux/highmem.h:423 [en línea] hfs_bnode_read fs/hfs/bnode.c:35 [en línea] hfs_bnode_read_key+0x314/0x450 fs/hfs/bnode.c:70 hfs_brec_insert+0x7f3/0xbd0 fs/hfs/brec.c:159 hfs_cat_create+0x41d/0xa50 fs/hfs/catalog.c:118 hfs_mkdir+0x6c/0xe0 fs/hfs/dir.c:232 vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257 do_mkdirat+0x264/0x3a0 fs/namei.c:4280 __do_sys_mkdir fs/namei.c:4300 [en línea] __se_sys_mkdir fs/namei.c:4298 [en línea] __x64_sys_mkdir+0x6c/0x80 fs/namei.c:4298 do_syscall_x64 arch/x86/entry/common.c:52 [en línea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fbdd6057a99 Se ha añadido una comprobación de la longitud de la clave en hfs_bnode_read_key para evitar el acceso a memoria fuera de los límites. Si la longitud de la clave no es válida, se borra el búfer de claves, lo que mejora la estabilidad y la fiabilidad.

02 May 2025, 07:16

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/8060afd77761eac2048db12fb0510d76ce0cf1f3 -
  • () https://git.kernel.org/stable/c/a33c035df01d1e008874607da74bf7cf45152f47 -
  • () https://git.kernel.org/stable/c/f6651c04191d49907d40f0891bbe51ef9703c792 -

01 May 2025, 14:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-01 14:15

Updated : 2025-06-04 11:15

NVD link : CVE-2025-37782

Mitre link : CVE-2025-37782

CVE.ORG link : CVE-2025-37782

JSON object : View

Products Affected

No product.

CWE

No CWE.