How severe is CVE-2025-37832?

This vulnerability has a severity rating of NONE with a CVSS score of N/A out of 10.

What type of vulnerability is CVE-2025-37832?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2025-37832 - NONE Severity | CVSS N/A

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: cpufreq: sun50i: prevent out-of-bounds access A KASAN enabled kernel reports an out-of-bounds access when handling the nvmem cell in the sun50i cpufreq driver: ================================================================== BUG: KASAN: slab-out-of-bounds in sun50i_cpufreq_nvmem_probe+0x180/0x3d4 Read of size 4 at addr ffff000006bf31e0 by task kworker/u16:1/38 This is because the DT specifies the nvmem cell as covering only two bytes, but we use a u32 pointer to read the value. DTs for other SoCs indeed specify 4 bytes, so we cannot just shorten the variable to a u16. Fortunately nvmem_cell_read() allows to return the length of the nvmem cell, in bytes, so we can use that information to only access the valid portion of the data. To cover multiple cell sizes, use memcpy() to copy the information into a zeroed u32 buffer, then also make sure we always read the data in little endian fashion, as this is how the data is stored in the SID efuses.

Related Vulnerabilities

CVE-2016-8284

LOW

CVSS:1.8(Low)

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.

NVD-CWE-Other2016

CVE-2017-10122

LOW

CVSS:1.8(Low)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high p...

NVD-CWE-Other2017

CVE-2018-3270

LOW

CVSS:1.8(Low)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privi...

NVD-CWE-Other2018

CVE-2019-3008

LOW

CVSS:1.8(Low)

Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDAP Library). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacke...

NVD-CWE-Other2019

CVE-2021-2147

LOW

CVSS:1.8(Low)

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high...

NVD-CWE-Other2021

CVE-2021-35618

LOW

CVSS:1.8(Low)

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high priv...

NVD-CWE-Other2021