CVE-2025-37857

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: st: Fix array overflow in st_setup()

Change the array size to follow parms size instead of a fixed value.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < 736ae988bfb5932c05625baff70fba224d547c08affected
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < 574b399a7fb6ae71c97e26d122205c4a720c0e43affected
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < c6015d0f7a2236ddb3928b2dfcb1c556a1368b55affected
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < f746fe0c51e044d1248dc67918328bfb3d86b639affected
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96affected
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < 7fe3b4deed8b93609058c37c9a11df1d2b2c0423affected
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < e6b585d016c47ca8a37b92ea8a3fe35c0b585256affected
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < ad4c3037dc77739a625246a2a0fb23b8f3402c06affected
LinuxLinux2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 < a018d1cf990d0c339fe0e29b762ea5dc10567d67affected
LinuxLinux3.19affected
LinuxLinux0 < 3.19unaffected
LinuxLinux5.4.293 <= 5.4.*unaffected
LinuxLinux5.10.237 <= 5.10.*unaffected
LinuxLinux5.15.181 <= 5.15.*unaffected
LinuxLinux6.1.135 <= 6.1.*unaffected
LinuxLinux6.6.88 <= 6.6.*unaffected
LinuxLinux6.12.24 <= 6.12.*unaffected
LinuxLinux6.13.12 <= 6.13.*unaffected
LinuxLinux6.14.3 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References