Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
Vulnerability DatabaseCVE-2025-37806
CVE-2025-37806:
Linux Debian vulnerability analysis and mitigation
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Keep write operations atomic
syzbot reported a NULL pointer dereference in _genericfilewriteiter. [1]
Before the write operation is completed, the user executes ioctl[2] to clear the compress flag of the file, which causes the iscompressed() judgment to return 0, further causing the program to enter the wrong process and call the wrong ops ntfsaopscmpr, which triggers the null pointer dereference of writebegin.
Use inode lock to synchronize ioctl and write to avoid this case.
[1] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Mem abort info: ESR = 0x0000000086000006 EC = 0x21: IABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x06: level 2 translation fault user pgtable: 4k pages, 48-bit VAs, pgdp=000000011896d000 [0000000000000000] pgd=0800000118b44403, p4d=0800000118b44403, pud=0800000117517403, pmd=0000000000000000 Internal error: Oops: 0000000086000006 [#1] PREEMPT SMP Modules linked in: CPU: 0 UID: 0 PID: 6427 Comm: syz-executor347 Not tainted 6.13.0-rc3-syzkaller-g573067a5a685 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : 0x0 lr : genericperformwrite+0x29c/0x868 mm/filemap.c:4055 sp : ffff80009d4978a0 x29: ffff80009d4979c0 x28: dfff800000000000 x27: ffff80009d497bc8 x26: 0000000000000000 x25: ffff80009d497960 x24: ffff80008ba71c68 x23: 0000000000000000 x22: ffff0000c655dac0 x21: 0000000000001000 x20: 000000000000000c x19: 1ffff00013a92f2c x18: ffff0000e183aa1c x17: 0004060000000014 x16: ffff800083275834 x15: 0000000000000001 x14: 0000000000000000 x13: 0000000000000001 x12: ffff0000c655dac0 x11: 0000000000ff0100 x10: 0000000000ff0100 x9 : 0000000000000000 x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000 x5 : ffff80009d497980 x4 : ffff80009d497960 x3 : 0000000000001000 x2 : 0000000000000000 x1 : ffff0000e183a928 x0 : ffff0000d60b0fc0 Call trace: 0x0 (P) genericfilewriteiter+0xfc/0x204 mm/filemap.c:4156 ntfsfilewriteiter+0x54c/0x630 fs/ntfs3/file.c:1267 newsyncwrite fs/readwrite.c:586 [inline] vfswrite+0x920/0xcf4 fs/readwrite.c:679 ksyswrite+0x15c/0x26c fs/read_write.c:731 dosyswrite fs/readwrite.c:742 [inline] _sesyswrite fs/readwrite.c:739 [inline] _arm64syswrite+0x7c/0x90 fs/readwrite.c:739 _invokesyscall arch/arm64/kernel/syscall.c:35 [inline] invokesyscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0svccommon+0x130/0x23c arch/arm64/kernel/syscall.c:132 doel0svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t64synchandler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
[2] ioctl$FSIOCSETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0x20)
Source: NVD
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management