CVE-2025-37760 — Type Confusion in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 84.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 1
Latest updateJul 8
Description
In the Linux kernel, the following vulnerability has been resolved:
mm/vma: add give_up_on_oom option on modify/merge, use in uffd release
Currently, if a VMA merge fails due to an OOM condition arising on commit
merge or a failure to duplicate anon_vma's, we report this so the caller
can handle it.
However there are cases where the caller is only ostensibly trying a
merge, and doesn't mind if it fails due to this condition.
Since we do not want to introduce an implicit assumption that we on…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
▶CVEListV5linux/linux79636d2981b066acd945117387a9533f56411f6f — b906c1ad25adce6ff35be19b65a1aa7d960fe1d7+4
Patches
🔴Vulnerability Details
5OSV▶
CVE-2025-37760: In the Linux kernel, the following vulnerability has been resolved: mm/vma: add give_up_on_oom option on modify/merge, use in uffd release Currently,↗2025-05-01
GHSA▶
GHSA-p4vj-hhfc-5j8x: In the Linux kernel, the following vulnerability has been resolved:
mm/vma: add give_up_on_oom option on modify/merge, use in uffd release
Currently↗2025-05-01
📋Vendor Advisories
5Debian▶
CVE-2025-37760: linux - In the Linux kernel, the following vulnerability has been resolved: mm/vma: add...↗2025