CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation

Description

In the Linux kernel, the following vulnerability has been resolved:

udmabuf: fix a buf size overflow issue during udmabuf creation

by casting size_limit_mb to u64 when calculating pglimit.

Classification

CVE ID: CVE-2025-37803

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.01% (probability of being exploited)

EPSS Percentile: 1.47% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-06-06 (date this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-37803
https://git.kernel.org/stable/c/e84a08fc7e25cdad5d9a3def42cc770ff711193f
https://git.kernel.org/stable/c/13fe12c037b470321436deec393030c6153cfeb9
https://git.kernel.org/stable/c/373512760e13fdaa726faa9502d0f5be2abb3d33
https://git.kernel.org/stable/c/3f6c9d66e0f8eb9679b57913aa64b4d2266f6fbe
https://git.kernel.org/stable/c/b2ff4e9c599b000833d16a917f519aa2e4a75de2
https://git.kernel.org/stable/c/2b8419c6ecf69007dcff54ea0b9f0b215282c55a
https://git.kernel.org/stable/c/021ba7f1babd029e714d13a6bf2571b08af96d0f

Timeline