5.5
CVE-2025-37857
- EPSS 0.25%
- Veröffentlicht 09.05.2025 06:42:05
- Zuletzt bearbeitet 12.11.2025 20:08:56
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
scsi: st: Fix array overflow in st_setup()
In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup() Change the array size to follow parms size instead of a fixed value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.4.293
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.237
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.181
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.135
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.88
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.24
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.12
Linux ≫ Linux Kernel Version >= 6.14 < 6.14.3
Debian ≫ Debian Linux Version11.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.167 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
https://git.kernel.org/stable/c/736ae988bfb5932c05625baff70fba224d547c08
https://git.kernel.org/stable/c/574b399a7fb6ae71c97e26d122205c4a720c0e43
https://git.kernel.org/stable/c/c6015d0f7a2236ddb3928b2dfcb1c556a1368b55
https://git.kernel.org/stable/c/f746fe0c51e044d1248dc67918328bfb3d86b639
https://git.kernel.org/stable/c/e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96
https://git.kernel.org/stable/c/7fe3b4deed8b93609058c37c9a11df1d2b2c0423
https://git.kernel.org/stable/c/e6b585d016c47ca8a37b92ea8a3fe35c0b585256
https://git.kernel.org/stable/c/ad4c3037dc77739a625246a2a0fb23b8f3402c06
https://git.kernel.org/stable/c/a018d1cf990d0c339fe0e29b762ea5dc10567d67
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html