CVE-2025-37866 — Linux vulnerability
11 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 77.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 9
Latest updateJul 8
Description
In the Linux kernel, the following vulnerability has been resolved:
mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show()
A warning is seen when running the latest kernel on a BlueField SOC:
[251.512704] ------------[ cut here ]------------
[251.512711] invalid sysfs_emit: buf:0000000003aa32ae
[251.512720] WARNING: CPU: 1 PID: 705264 at fs/sysfs/file.c:767 sysfs_emit+0xac/0xc8
The warning is triggered because the mlxbf-bootctl driver invokes
"sysfs_emit()" with a buffer pointer …
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linux9886f575de5aefcfab537467c72e5176e5301df0 — 5e1dcc5bfd7a2896178c604bc69d6ab9650967da+2
Patches
🔴Vulnerability Details
5OSV▶
CVE-2025-37866: In the Linux kernel, the following vulnerability has been resolved: mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show() A warning is s↗2025-05-09
GHSA▶
GHSA-3p47-qj26-6gg7: In the Linux kernel, the following vulnerability has been resolved:
mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show()
A warning is↗2025-05-09
📋Vendor Advisories
5Debian▶
CVE-2025-37866: linux - In the Linux kernel, the following vulnerability has been resolved: mlxbf-bootc...↗2025