CVE-2025-37866

Published: May 9, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show() A warning is seen when running the latest kernel on a BlueField SOC: [251.512704] ------------[ cut here ]------------ [251.512711] invalid sysfs_emit: buf:0000000003aa32ae [251.512720] WARNING: CPU: 1 PID: 705264 at fs/sysfs/file.c:767 sysfs_emit+0xac/0xc8 The warning is triggered because the mlxbf-bootctl driver invokes "sysfs_emit()" with a buffer pointer that is not aligned to the start of the page. The driver should instead use "sysfs_emit_at()" to support non-zero offsets into the destination buffer.

Vendor	Product	Versions
Linux	Linux	affected `9886f575de5aefcfab537467c72e5176e5301df0 - < 5e1dcc5bfd7a2896178c604bc69d6ab9650967da` affected `9886f575de5aefcfab537467c72e5176e5301df0 - < b129005ddfc0e6daf04a6d3b928a9e474f9b3918`
Linux	Linux	affected `6.14` unaffected `0 - < 6.14` unaffected `6.14.4 - <= 6.14.` unaffected `6.15 - <= `

References

https://git.kernel.org/stable/c/5e1dcc5bfd7a2896178c604bc69d6ab9650967da

https://git.kernel.org/stable/c/b129005ddfc0e6daf04a6d3b928a9e474f9b3918

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-37866

Description

Affected Products

References