CVE-2025-37785
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2025-37785 is a vulnerability in the Linux kernel that allows an out-of-bounds read when checking directory entries in the ext4 filesystem. Specifically, if a corrupted directory contains a '.' entry with a record length equal to the block size, the ext4_empty_dir() function assumes the '..' entry also fits in the same data block and dereferences a pointer past the allocated memory, resulting in an out-of-bounds memory access. This issue was identified by the syzkaller tool and can potentially lead to use-after-free errors if another structure was recently freed from the same location. The vulnerability was resolved by extending __ext4_check_dir_entry() to check for '.' dir entries reaching the end of the data block and ignoring phony dir entries for checksum. The call trace shows the function involved in this vulnerability is __ext4_check_dir_entry().
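The bounds condition described in the summary, as an added user-space example (not the kernel's code or the upstream patch): a hypothetical `check_dot_entries()` rejects a '.' entry whose record length reaches the end of the data block before '..' is ever read. The function names, the 1024-byte block and the sample entries are constructed for illustration; block sizes below 64 KiB are assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ext4 on-disk dir entry: inode(4) rec_len(2) name_len(1) file_type(1) name[] */
#define DE_MIN  12u   /* 8-byte header + 1..4 name bytes, rounded up to 4 */
#define BLKSZ 1024u   /* constructed sample block size (assumption) */

enum dot_check { DOT_OK, DOT_BAD_NAME, DOT_BAD_LEN, DOT_FILLS_BLOCK, DOTDOT_BAD };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Hypothetical checker: validates '.' and proves '..' lies inside the block
 * before anything reads it. Assumes blksz < 64 KiB (plain rec_len encoding). */
enum dot_check check_dot_entries(const uint8_t *blk, size_t blksz)
{
    if (blksz < DE_MIN) return DOT_BAD_LEN;
    size_t rec_len = rd16(blk + 4);
    if (blk[6] != 1 || blk[8] != '.') return DOT_BAD_NAME;
    if (rec_len < DE_MIN || rec_len % 4 || rec_len > blksz) return DOT_BAD_LEN;
    if (rec_len == blksz) return DOT_FILLS_BLOCK;     /* the corrupted case */
    if (blksz - rec_len < DE_MIN) return DOTDOT_BAD;  /* no room for '..' */
    const uint8_t *dd = blk + rec_len;                /* now known in bounds */
    size_t dd_len = rd16(dd + 4);
    if (dd[6] != 2 || dd[8] != '.' || dd[9] != '.') return DOTDOT_BAD;
    if (dd_len < DE_MIN || dd_len % 4 || dd_len > blksz - rec_len) return DOTDOT_BAD;
    return DOT_OK;
}

/* Write one constructed directory entry header plus name at p. */
static void put_entry(uint8_t *p, uint8_t ino, uint16_t rec_len, const char *name)
{
    memset(p, 0, 8);
    p[0] = ino;
    p[4] = (uint8_t)rec_len; p[5] = (uint8_t)(rec_len >> 8);
    p[6] = (uint8_t)strlen(name); p[7] = 2;           /* file_type 2 = directory */
    memcpy(p + 8, name, strlen(name));
}

/* Build a sample block whose '.' entry has the given rec_len, then check it. */
enum dot_check check_sample(uint16_t dot_rec_len)
{
    static uint8_t blk[BLKSZ];
    memset(blk, 0, sizeof blk);
    put_entry(blk, 12, dot_rec_len, ".");
    if (dot_rec_len + DE_MIN <= BLKSZ)                /* write '..' only if it fits */
        put_entry(blk + dot_rec_len, 2, (uint16_t)(BLKSZ - dot_rec_len), "..");
    return check_dot_entries(blk, BLKSZ);
}
int main(void) { printf("%d %d\n", check_sample(12), check_sample(BLKSZ)); return 0; }
```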