Kernel Memory Management Flaw in Linux Affecting NetFS Functionality
CVE-2025-37876

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 May 2025

Summary

A flaw within the Linux kernel's memory management implementation can lead to system crashes under specific configuration settings. When CONFIG_NETFS_SUPPORTS is enabled while CONFIG_PROC_FS is disabled, attempts to allocate memory through the netfs functionality can trigger critical errors, causing the system to fail. The issue stems from an improper setup within netfs_init(), where the /proc/fs/netfs directory is prematurely created without necessary configurations, leading to memory allocation failures. This vulnerability needs to be addressed to prevent potential instability in systems relying on the netfs feature.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2ef6eea2efce01d1956ace483216f6b6e26330c9

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6c4c5e0b96a90f2a11c378e66edc1f25165e10b6

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 40cb48eba3b4b79e110c1a35d33a48cac54507a2

References

https://git.kernel.org/stable/c/2ef6eea2efce01d1956ace483...

https://git.kernel.org/stable/c/6c4c5e0b96a90f2a11c378e66...

https://git.kernel.org/stable/c/40cb48eba3b4b79e110c1a35d...

Timeline

Vulnerability published
May 9, 2025
Vulnerability Reserved
Apr 16, 2025