CVE-2025-37883

high

Description

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for get_zeroed_page() Add check for the return value of get_zeroed_page() in sclp_console_init() to prevent null pointer dereference. Furthermore, to solve the memory leak caused by the loop allocation, add a free helper to do the free job.

References

https://git.kernel.org/stable/c/f69f8a93aacf6e99af7b1cc992d8ca2cc07b96fb

https://git.kernel.org/stable/c/e1e00dc45648125ef7cb87ebc3b581ac224e7b39

https://git.kernel.org/stable/c/3db42c75a921854a99db0a2775814fef97415bac

https://git.kernel.org/stable/c/3b3aa72636a6205933609ec274a8747720c1ee3f

https://git.kernel.org/stable/c/397254706eba9d8f99fd237feede7ab3169a7f9a

https://git.kernel.org/stable/c/28e5a867aa542e369e211c2baba7044228809a99

Details

Source: Mitre, NVD

Published: 2025-05-09

Updated: 2025-05-12

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00024