CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-37883: s390/sclp: Add check for get_zeroed_page()

Description

In the Linux kernel, the following vulnerability has been resolved:

s390/sclp: Add check for get_zeroed_page()

Add check for the return value of get_zeroed_page() in
sclp_console_init() to prevent null pointer dereference.
Furthermore, to solve the memory leak caused by the loop
allocation, add a free helper to do the free job.

Classification

CVE ID: CVE-2025-37883

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 7.64% (scored less or equal to compared to others)

EPSS Date: 2025-06-07 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-37883
https://git.kernel.org/stable/c/e1e00dc45648125ef7cb87ebc3b581ac224e7b39
https://git.kernel.org/stable/c/397254706eba9d8f99fd237feede7ab3169a7f9a
https://git.kernel.org/stable/c/28e5a867aa542e369e211c2baba7044228809a99
https://git.kernel.org/stable/c/3b3aa72636a6205933609ec274a8747720c1ee3f
https://git.kernel.org/stable/c/f69f8a93aacf6e99af7b1cc992d8ca2cc07b96fb
https://git.kernel.org/stable/c/3db42c75a921854a99db0a2775814fef97415bac

Timeline

2025-05-09 07:40:14 UTC
CVE

s390/sclp: Add check for get_zeroed_page()