CVE-2025-37866 Information

May 10, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show()

A warning is seen when running the latest kernel on a BlueField SOC: [251.512704] ————[ cut here ]———— [251.512711] invalid sysfs_emit: buf:0000000003aa32ae [251.512720] WARNING: CPU: 1 PID: 705264 at fs/sysfs/file.c:767 sysfs_emit+0xac/0xc8

The warning is triggered because the mlxbf-bootctl driver invokes \sysfs_emit()\ with a buffer pointer that is not aligned to the start of the page. The driver should instead use \sysfs_emit_at()\nto support non-zero offsets into the destination buffer.

Reference

https://git.kernel.org/stable/c/5e1dcc5bfd7a2896178c604bc69d6ab9650967da https://git.kernel.org/stable/c/b129005ddfc0e6daf04a6d3b928a9e474f9b3918

Share on: