CVE-2025-37780: 
Linux Kernel vulnerability analysis and mitigation

A slab-out-of-bounds read vulnerability (CVE-2025-37780) was discovered in the Linux kernel's isofs filesystem component, specifically in the isofsfhto_parent function. The vulnerability was identified and reported by syzbot on May 1, 2025, affecting Linux kernel versions up to 6.14.0-rc7 (NVD, Wiz).

The vulnerability occurs when the handlebytes value passed to the system equals 12. In the handletopath() function, only 12 bytes of memory are allocated for the filehandle->fhandle member structure, leading to an out-of-bounds access when accessing the parentblock member of the isofsfid structure in isofs. This happens because accessing parentblock requires at least 16 bytes of f_handle. The issue manifests in the fs/isofs/export.c file at line 183. The vulnerability has received a CVSS v3.1 Base Score of 5.5 with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Red Hat).

The vulnerability allows for a slab-out-of-bounds read operation, which could potentially lead to information disclosure or system crashes. The issue affects systems running the vulnerable Linux kernel versions and could be triggered through filesystem operations (Wiz).

The vulnerability has been fixed in Linux kernel version 6.12.25-1 for Debian sid and 6.1.135-1 for Debian bookworm. Users are advised to upgrade to these or later versions to mitigate the vulnerability. For Debian distributions, specific version fixes are available: bookworm (security) 6.1.135-1, trixie 6.12.25-1, and sid 6.12.27-1 (Debian Security Tracker).