What is CVE-2025-37742?

CVE-2025-37742 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10, affecting Linux kernel versions from 2.6.12 onward and patched in 5.15.181, 6.1.135, 6.6.88 and others. CVE-2025-37742 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-37742?

CVE-2025-37742 has a CVSS score of 5.5 out of 10, rated Medium severity. The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Is there a patch available for CVE-2025-37742?

Yes, CVE-2025-37742 has been patched. Fixed versions include 5.15.181, 6.1.135, 6.6.88 and others. If you are running Linux kernel 2.6.12 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2025-37742 actively exploited?

CVE-2025-37742 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-37742

Medium

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of imap allocated in the diMount() function syzbot reports that hex_dump_to_buffer is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171 hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171 print_hex_dump+0x13d/0x3e0 lib/hexdump.c:276 diFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876 jfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156 evict+0x723/0xd10 fs/inode.c:796 iput_final fs/inode.c:1946 [inline] iput+0x97b/0xdb0 fs/inode.c:1972 txUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline] jfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733 kthread+0x6b9/0xef0 kernel/kthread.c:464 ret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Uninit was created at: slab_post_alloc_hook mm/slub.c:4121 [inline] slab_alloc_node mm/slub.c:4164 [inline] __kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320 kmalloc_noprof include/linux/slab.h:901 [inline] diMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105 jfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176 jfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636 get_tree_bdev+0x37/0x50 fs/super.c:1659 jfs_get_tree+0x34/0x40 fs/jfs/super.c:635 vfs_get_tree+0xb1/0x5a0 fs/super.c:1814 do_new_mount+0x71f/0x15e0 fs/namespace.c:3560 path_mount+0x742/0x1f10 fs/namespace.c:3887 do_mount fs/namespace.c:3900 [inline] __do_sys_mount fs/namespace.c:4111 [inline] __se_sys_mount+0x71f/0x800 fs/namespace.c:4088 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4088 x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f ===================================================== The reason is that imap is not properly initialized after memory allocation. It will cause the snprintf() function to write uninitialized data into linebuf within hex_dump_to_buffer(). Fix this by using kzalloc instead of kmalloc to clear its content at the beginning in diMount().

Package Linux Kernel

Published 2025-05-01

Last modified 2025-11-04

CVSS version 3.1

Patch available

Yes

CVSS 3.1 score

5.5

out of 10

Medium

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Weakness type

CWE-908

CVE-2025-37742 is classified as CWE-908

See CWE-908 on MITRE CWE for full details on this weakness type.

Affected versions

Linux kernel versions 2.6.12 and later are affected. Fixed in 5.15.181, 6.1.135, 6.6.88, 6.12.24, 6.13.12, 6.14.3, 6.15 and their respective stable series.

Affected from

≥ 2.6.12

Fixed in

✓ 5.15.181 5.15.x ✓ 6.1.135 6.1.x ✓ 6.6.88 6.6.x ✓ 6.12.24 6.12.x ✓ 6.13.12 6.13.x ✓ 6.14.3 6.14.x ✓ 6.15

References

The following references provide additional information about CVE-2025-37742 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Debian Security
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Mailing List
Kernel patch commit
https://git.kernel.org/stable/c/067347e00a3a7d04afed93f080c6c131e5dd15ee
Patch
Kernel patch commit
https://git.kernel.org/stable/c/4f10732712fce33e53703ffe5ed9155f23814097
Patch
Kernel patch commit
https://git.kernel.org/stable/c/63148ce4904faa668daffdd1d3c1199ae315ef2c
Patch

7 patch commits total View all on NVD

Details

CVE ID CVE-2025-37742

Severity Medium

CVSS score 5.5 / 10

CVSS version 3.1

Published 2025-05-01

Modified 2025-11-04

KEV No

Patch

Yes

Package linux

Frequently asked questions

What is CVE-2025-37742?

CVE-2025-37742 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . It affects Linux kernel versions from 2.6.12 onward and has been patched in 5.15.181, 6.1.135, 6.6.88 and others. CVE-2025-37742 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2025-37742?

CVE-2025-37742 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Is there a patch available for CVE-2025-37742?

Yes — CVE-2025-37742 has been patched. Fixed versions include 5.15.181, 6.1.135, 6.6.88 and others. If you are running Linux kernel 2.6.12 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2025-37742 actively exploited?

No — CVE-2025-37742 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.