SB20250502229 - Input validation error in Linux kernel jfs
Published: May 2, 2025 Updated: May 10, 2025
Security Bulletin ID
SB20250502229
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-37740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/722e72f7f9c69fcb3ab7988c2471feff7a4c8de1
- https://git.kernel.org/stable/c/a065cec230aa807c18828a3eee82f1c8592c2adf
- https://git.kernel.org/stable/c/a260bf14cd347878f01f70739ba829442a474a16
- https://git.kernel.org/stable/c/a741f29ac8b6374c9904be8b7ac7cdfcd7e7e4fa
- https://git.kernel.org/stable/c/c8c96a9e7660e5e5eea445978fe8f2e432d91c1f
- https://git.kernel.org/stable/c/cc0bc4cb62ce5fa0c383e3bf0765d01f46bd49ac
- https://git.kernel.org/stable/c/ccd97c8a4f90810f228ee40d1055148fa146dd57
- https://git.kernel.org/stable/c/ddf2846f22e8575d6b4b6a66f2100f168b8cd73d
- https://git.kernel.org/stable/c/e3f85edb03183fb06539e5b50dd2c4bb42b869f0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14.3