Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      CodeSOD: A Unique Way to Primary Key

      July 22, 2025

      BrowserStack launches Figma plugin for detecting accessibility issues in design phase

      July 22, 2025

      Parasoft brings agentic AI to service virtualization in latest release

      July 22, 2025

      Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

      July 21, 2025

      The best CRM software with email marketing in 2025: Expert tested and reviewed

      July 22, 2025

      This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

      July 22, 2025

      I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

      July 22, 2025

      8 ways I quickly leveled up my Linux skills – and you can too

      July 22, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      The Intersection of Agile and Accessibility – A Series on Designing for Everyone

      July 22, 2025
      Recent

      The Intersection of Agile and Accessibility – A Series on Designing for Everyone

      July 22, 2025

      Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

      July 22, 2025

      Execute Ping Commands and Get Back Structured Data in PHP

      July 22, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

      July 22, 2025
      Recent

      A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

      July 22, 2025

      “I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

      July 22, 2025

      Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

      July 22, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Security»Common Vulnerabilities and Exposures (CVEs)»CVE-2025-37780 – Linux Kernel Isofs Fid Handle Bytes Vulnerability

    CVE-2025-37780 – Linux Kernel Isofs Fid Handle Bytes Vulnerability

    May 1, 2025

    CVE ID : CVE-2025-37780

    Published : May 1, 2025, 2:15 p.m. | 1 hour, 10 minutes ago

    Description : In the Linux kernel, the following vulnerability has been resolved:

    isofs: Prevent the use of too small fid

    syzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]

    The handle_bytes value passed in by the reproducing program is equal to 12.
    In handle_to_path(), only 12 bytes of memory are allocated for the structure
    file_handle->f_handle member, which causes an out-of-bounds access when
    accessing the member parent_block of the structure isofs_fid in isofs,
    because accessing parent_block requires at least 16 bytes of f_handle.
    Here, fh_len is used to indirectly confirm that the value of handle_bytes
    is greater than 3 before accessing parent_block.

    [1]
    BUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183
    Read of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466
    CPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0
    Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
    Call trace:
    show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)
    __dump_stack lib/dump_stack.c:94 [inline]
    dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120
    print_address_description mm/kasan/report.c:408 [inline]
    print_report+0x198/0x550 mm/kasan/report.c:521
    kasan_report+0xd8/0x138 mm/kasan/report.c:634
    __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380
    isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183
    exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523
    do_handle_to_path+0xa0/0x198 fs/fhandle.c:257
    handle_to_path fs/fhandle.c:385 [inline]
    do_handle_open+0x8cc/0xb8c fs/fhandle.c:403
    __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]
    __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]
    __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434
    __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
    invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
    el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
    do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
    el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744
    el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
    el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600

    Allocated by task 6466:
    kasan_save_stack mm/kasan/common.c:47 [inline]
    kasan_save_track+0x40/0x78 mm/kasan/common.c:68
    kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562
    poison_kmalloc_redzone mm/kasan/common.c:377 [inline]
    __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394
    kasan_kmalloc include/linux/kasan.h:260 [inline]
    __do_kmalloc_node mm/slub.c:4294 [inline]
    __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306
    kmalloc_noprof include/linux/slab.h:905 [inline]
    handle_to_path fs/fhandle.c:357 [inline]
    do_handle_open+0x5a4/0xb8c fs/fhandle.c:403
    __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]
    __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]
    __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434
    __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
    invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
    el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
    do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
    el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744
    el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
    el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600

    Severity: 0.0 | NA

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleCVE-2025-37782 – Linux HFS slub Out-of-Bounds Write
    Next Article CVE-2025-37779 – “ERofs Linux Kernel Folio UAF Vulnerability”

    Related Posts

    Common Vulnerabilities and Exposures (CVEs)

    CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

    July 22, 2025
    Common Vulnerabilities and Exposures (CVEs)

    CVE-2025-7393 – Drupal Mail Login Authentication Bypass

    July 22, 2025
    Leave A Reply Cancel Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

    Continue Reading

    Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands

    Security

    Hugging Face Releases nanoVLM: A Pure PyTorch Library to Train a Vision-Language Model from Scratch in 750 Lines of Code

    Machine Learning

    CVE-2025-6694 – LabRedesCefetRJ WeGIA Cross-Site Scripting Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    CVE-2025-49583 – XWiki Cross-Site Notification Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    Highlights

    CVE-2025-4903 – D-Link DI-7003GV2 Authentication Bypass Vulnerability

    May 19, 2025

    CVE ID : CVE-2025-4903

    Published : May 19, 2025, 1:15 a.m. | 1 hour, 32 minutes ago

    Description : A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This affects the function sub_41F4F0 of the file /H5/webgl.asp?tggl_port=0&remote_management=0&http_passwd=game&exec_service=admin-restart. The manipulation leads to unverified password change. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

    Severity: 5.3 | MEDIUM

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Trump’s AI-generated papal portrait sparks controversy and debate

    May 3, 2025

    CVE-2025-46247 – Codepeople Appointment Booking Calendar Missing Authorization Vulnerability

    April 22, 2025

    CVE-2025-6375 – Poco Null Pointer Dereference Vulnerability

    June 20, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.