CVE-2025-37950 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
OSV7.8
EPSS
0.1%
top 77.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 20
Latest updateAug 28
Description
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix panic in failed foilio allocation
commit 7e119cff9d0a ("ocfs2: convert w_pages to w_folios") and commit
9a5e08652dc4b ("ocfs2: use an array of folios instead of an array of
pages") save -ENOMEM in the folio array upon allocation failure and call
the folio array free code.
The folio array free code expects either valid folio pointers or NULL.
Finding the -ENOMEM will result in a panic. Fix by NULLing the error
folio…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages3 packages
▶CVEListV5linux/linux7e119cff9d0a21e39e53c7d27addc31f4b8c0000 — 80d18f060d5bdf2c5eb3d1d00dcb744d6a879222+2
Patches
🔴Vulnerability Details
5OSV▶
linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities↗2025-08-18
GHSA▶
GHSA-pp8c-qfhv-484p: In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix panic in failed foilio allocation
commit 7e119cff9d0a ("ocfs2: conver↗2025-05-20
OSV▶
CVE-2025-37950: In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix panic in failed foilio allocation commit 7e119cff9d0a ("ocfs2: convert↗2025-05-20
📋Vendor Advisories
5Debian▶
CVE-2025-37950: linux - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix ...↗2025