SB2025052156 - Improper error handling in Linux kernel arm64 kernel
Published: May 21, 2025 Updated: May 21, 2025
Security Bulletin ID
SB2025052156
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2025-37929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the spectre_bhb_loop_affected() function in arch/arm64/kernel/proton-pack.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/090c8714efe1c3c470301cc2f794c1ee2a57746c
- https://git.kernel.org/stable/c/333579202f09e260e8116321df4c55f80a19b160
- https://git.kernel.org/stable/c/3821cae9bd5a99a42d3d0be1b58e41f072cd4c4c
- https://git.kernel.org/stable/c/446289b8b36b2ee98dabf6388acbddcc33ed41be
- https://git.kernel.org/stable/c/6266b3509b2c6ebf2f9daf2239ff8eb60c5f5bd3
- https://git.kernel.org/stable/c/fee4d171451c1ad9e8aaf65fc0ab7d143a33bd72
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.182
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.138
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.28
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14.6
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.90