CVE-2025-37780
📋 TL;DR
A memory corruption vulnerability in the Linux kernel's ISO filesystem (isofs) export functionality allows out-of-bounds read access when processing file handles with insufficient buffer size. This affects Linux systems with ISO filesystems mounted and export support enabled. Attackers could potentially read kernel memory or cause denial of service.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel memory disclosure leading to information leakage, privilege escalation, or system crash/panic.
Likely Case
Kernel panic or system crash causing denial of service.
If Mitigated
Minimal impact if ISO export functionality is disabled or systems are not processing malicious file handles.
🎯 Exploit Status
Requires local access and ability to create/manipulate file handles. Syzbot found via fuzzing.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits: 007124c896e7d4614ac1f6bd4dedb975c35a2a8e, 0405d4b63d082861f4eaff9d39c78ee9dc34f845, 0fdafdaef796816a9ed0fd7ac812932d569d9beb, 56dfffea9fd3be0b3795a9ca6401e133a8427e0b, 5e7de55602c61c8ff28db075cc49c8dd6989d7e0
Vendor Advisory: https://git.kernel.org/stable/c/007124c896e7d4614ac1f6bd4dedb975c35a2a8e
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution. 2. Reboot system. 3. Verify kernel version matches patched release.
🔧 Temporary Workarounds
Disable ISO export support
linuxPrevent mounting ISO filesystems with export support to eliminate attack surface
# Ensure no ISO mounts with export options
# Check /etc/fstab and mount commands for 'nfs' or 'export' options with iso9660
🧯 If You Can't Patch
- Restrict access to systems to prevent local exploitation
- Monitor for crash logs related to isofs_fh_to_parent or KASAN reports
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if ISO filesystems are mounted with export support: 'mount | grep iso9660' and 'cat /proc/filesystems | grep iso9660'Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits: 'uname -r' and check with distribution's security advisory📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- KASAN reports mentioning isofs_fh_to_parent
- slab-out-of-bounds errors in dmesg
Network Indicators:
- N/A - local vulnerability
SIEM Query:
Search for: 'isofs_fh_to_parent' OR 'slab-out-of-bounds' OR 'KASAN: slab-out-of-bounds' in kernel logs🔗 References
- https://git.kernel.org/stable/c/007124c896e7d4614ac1f6bd4dedb975c35a2a8e
- https://git.kernel.org/stable/c/0405d4b63d082861f4eaff9d39c78ee9dc34f845
- https://git.kernel.org/stable/c/0fdafdaef796816a9ed0fd7ac812932d569d9beb
- https://git.kernel.org/stable/c/56dfffea9fd3be0b3795a9ca6401e133a8427e0b
- https://git.kernel.org/stable/c/5e7de55602c61c8ff28db075cc49c8dd6989d7e0
- https://git.kernel.org/stable/c/63d5a3e207bf315a32c7d16de6c89753a759f95a
- https://git.kernel.org/stable/c/952e7a7e317f126d0a2b879fc531b716932d5ffa
- https://git.kernel.org/stable/c/ee01a309ebf598be1ff8174901ed6e91619f1749
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
