CVE-2025-37808

medium

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq context through af_alg, use spin locks instead of mutexes to protect the default null algorithm.

References

https://git.kernel.org/stable/c/f7a5a5c8e1ec16a4b2041398abe95de0e14572ef

https://git.kernel.org/stable/c/e307c54ac8198bf09652c72603ba6e6d97798410

https://git.kernel.org/stable/c/e27244cbe10658a66b8775be7f0acc4ad2f618d6

https://git.kernel.org/stable/c/dcc47a028c24e793ce6d6efebfef1a1e92f80297

https://git.kernel.org/stable/c/8cf2945512a8c0ef74ddd5b5a4f6b6a2fb1a4efb

https://git.kernel.org/stable/c/1dd4a8561d85dea545cf93f56efc48df8176e218

https://git.kernel.org/stable/c/1b66a5920b7fc7cc6251192a3fcad115b6d75dd5

https://git.kernel.org/stable/c/0486de3c1b8223138dcc614846bd76364f758de6

Details

Source: Mitre, NVD

Published: 2025-05-08

Updated: 2025-05-08

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024