CVE-2025-37834Uncontrolled Resource Consumption in Linux

CWE-400Uncontrolled Resource Consumption12 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 87.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
LinuxLinux KernelDebian Linux+11 more
Timeline
PublishedMay 8
Latest updateJul 8

Description

In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: don't try to reclaim hwpoison folio Syzkaller reports a bug as follows: Injecting memory failure for pfn 0x18b00e at process virtual address 0x20ffd000 Memory failure: 0x18b00e: dirty swapcache page still referenced by 2 users Memory failure: 0x18b00e: recovery action for dirty swapcache page: Failed page: refcount:2 mapcount:0 mapping:0000000000000000 index:0x20ffd pfn:0x18b00e memcg:ffff0000dd6d9000 anon flags: 0

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages16 packages

NVDlinux/linux_kernel6.136.14.5+1
Debianlinux/linux_kernel< 6.12.27-1+1
Ubuntulinux/linux_kernel< 6.14.0-22.22

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

5
OSV
linux-aws, linux-oracle vulnerabilities2025-07-08
OSV
linux-azure vulnerabilities2025-06-26
OSV
linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities2025-06-24
OSV
CVE-2025-37834: In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: don't try to reclaim hwpoison folio Syzkaller reports a bug as follows:2025-05-08
GHSA
GHSA-jmf7-45hm-82v2: In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: don't try to reclaim hwpoison folio Syzkaller reports a bug as follow2025-05-08

📋Vendor Advisories

6
Ubuntu
Linux kernel vulnerabilities2025-07-08
Ubuntu
Linux kernel (Azure) vulnerabilities2025-06-26
Ubuntu
Linux kernel vulnerabilities2025-06-24
Microsoft
mm/vmscan: don't try to reclaim hwpoison folio2025-05-13
Red Hat
kernel: mm/vmscan: don't try to reclaim hwpoison folio2025-05-08