NVD

CVE-2025-37902 Detail

Rejected

This CVE has been marked Rejected in the CVE List. These CVEs are stored in the NVD, but do not show up in search results by default.

Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)

Weakness Enumeration

CWE-ID	CWE Name	Source

Change History

3 change records found show changes

CVE Modified by kernel.org 5/26/2025 7:15:24 AM

Action	Type	Old Value	New Value
Changed	Description	In the Linux kernel, the following vulnerability has been resolved: dm: fix copying after src array boundaries The blammed commit copied to argv the size of the reallocated argv, instead of the size of the old_argv, thus reading and copying from past the old_argv allocated memory. Following BUG_ON was hit: [ 3.038929][ T1] kernel BUG at lib/string_helpers.c:1040! [ 3.039147][ T1] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP ... [ 3.056489][ T1] Call trace: [ 3.056591][ T1] __fortify_panic+0x10/0x18 (P) [ 3.056773][ T1] dm_split_args+0x20c/0x210 [ 3.056942][ T1] dm_table_add_target+0x13c/0x360 [ 3.057132][ T1] table_load+0x110/0x3ac [ 3.057292][ T1] dm_ctl_ioctl+0x424/0x56c [ 3.057457][ T1] __arm64_sys_ioctl+0xa8/0xec [ 3.057634][ T1] invoke_syscall+0x58/0x10c [ 3.057804][ T1] el0_svc_common+0xa8/0xdc [ 3.057970][ T1] do_el0_svc+0x1c/0x28 [ 3.058123][ T1] el0_svc+0x50/0xac [ 3.058266][ T1] el0t_64_sync_handler+0x60/0xc4 [ 3.058452][ T1] el0t_64_sync+0x1b0/0x1b4 [ 3.058620][ T1] Code: f800865e a9bf7bfd 910003fd 941f48aa (d4210000) [ 3.058897][ T1] ---[ end trace 0000000000000000 ]--- [ 3.059083][ T1] Kernel panic - not syncing: Oops - BUG: Fatal exception Fix it by copying the size of src, and not the size of dst, as it was.	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/4c4f168b46229d527bda801ef15ad793b069f0ae
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/a27cbadb995fa4cca90cefd74332c55c2c26616b
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/aaa763ab8cecae6308c5ec7f309e1bc3a7ebd29f
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/db62809197658954a67b446c30677bc25baaf9f3
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/ed3248a403740a623c73afd95f88cc37e0cd3ad2
Removed	Reference	kernel.org: https://git.kernel.org/stable/c/f1aff4bc199cb92c055668caed65505e3b4d2656

New CVE Received from kernel.org 5/20/2025 12:15:26 PM

Action	Type	New Value
Added	Description	In the Linux kernel, the following vulnerability has been resolved: dm: fix copying after src array boundaries The blammed commit copied to argv the size of the reallocated argv, instead of the size of the old_argv, thus reading and copying from past the old_argv allocated memory. Following BUG_ON was hit: [ 3.038929][ T1] kernel BUG at lib/string_helpers.c:1040! [ 3.039147][ T1] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP ... [ 3.056489][ T1] Call trace: [ 3.056591][ T1] __fortify_panic+0x10/0x18 (P) [ 3.056773][ T1] dm_split_args+0x20c/0x210 [ 3.056942][ T1] dm_table_add_target+0x13c/0x360 [ 3.057132][ T1] table_load+0x110/0x3ac [ 3.057292][ T1] dm_ctl_ioctl+0x424/0x56c [ 3.057457][ T1] __arm64_sys_ioctl+0xa8/0xec [ 3.057634][ T1] invoke_syscall+0x58/0x10c [ 3.057804][ T1] el0_svc_common+0xa8/0xdc [ 3.057970][ T1] do_el0_svc+0x1c/0x28 [ 3.058123][ T1] el0_svc+0x50/0xac [ 3.058266][ T1] el0t_64_sync_handler+0x60/0xc4 [ 3.058452][ T1] el0t_64_sync+0x1b0/0x1b4 [ 3.058620][ T1] Code: f800865e a9bf7bfd 910003fd 941f48aa (d4210000) [ 3.058897][ T1] ---[ end trace 0000000000000000 ]--- [ 3.059083][ T1] Kernel panic - not syncing: Oops - BUG: Fatal exception Fix it by copying the size of src, and not the size of dst, as it was.
Added	Reference	https://git.kernel.org/stable/c/4c4f168b46229d527bda801ef15ad793b069f0ae
Added	Reference	https://git.kernel.org/stable/c/a27cbadb995fa4cca90cefd74332c55c2c26616b
Added	Reference	https://git.kernel.org/stable/c/aaa763ab8cecae6308c5ec7f309e1bc3a7ebd29f
Added	Reference	https://git.kernel.org/stable/c/db62809197658954a67b446c30677bc25baaf9f3
Added	Reference	https://git.kernel.org/stable/c/ed3248a403740a623c73afd95f88cc37e0cd3ad2
Added	Reference	https://git.kernel.org/stable/c/f1aff4bc199cb92c055668caed65505e3b4d2656

Quick Info

CVE Dictionary Entry:
CVE-2025-37902
NVD Published Date:
05/20/2025
NVD Last Modified:
05/26/2025
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2025-37902 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Change History

CVE Modified by kernel.org 5/26/2025 7:15:24 AM

CVE Rejected by kernel.org 5/26/2025 7:15:24 AM

New CVE Received from kernel.org 5/20/2025 12:15:26 PM

Quick Info