Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      Never Stop Exploring (July 2025 Wallpapers Edition)

      June 30, 2025

      How AI further empowers value stream management

      June 27, 2025

      12 Top ReactJS Development Companies in 2025

      June 27, 2025

      Not sure where to go with AI? Here’s your roadmap.

      June 27, 2025

      I never thought I’d praise a kickstand power bank – until I tried this one

      June 30, 2025

      I replaced my work PC with this Alienware laptop – now I’m wondering why I hadn’t done this sooner

      June 30, 2025

      How to set up Alexa to receive notifications on Prime Day deals you want

      June 30, 2025

      How proxy servers actually work, and why they’re so valuable

      June 30, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      What’s the difference between named functions and arrow functions in JavaScript?

      June 30, 2025
      Recent

      What’s the difference between named functions and arrow functions in JavaScript?

      June 30, 2025

      Spring Boot + Swagger: A Complete Guide to API Documentation

      June 30, 2025

      Wire Room Math: AI + SME = (Less Compensation Paid) X (Headline Risk + Payment Errors)^2

      June 30, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      Artix Linux: Introduzione di XLibre nelle Build Sperimentali

      June 30, 2025
      Recent

      Artix Linux: Introduzione di XLibre nelle Build Sperimentali

      June 30, 2025

      Orange Pi R2S Single Board Computer Running Linux: Introduction

      June 30, 2025

      vmstat – reports virtual memory statistics

      June 30, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Security»Common Vulnerabilities and Exposures (CVEs)»CVE-2025-37887 – Linux Kernel PDS_CORE Devlink Command Buffer Overflow

    CVE-2025-37887 – Linux Kernel PDS_CORE Devlink Command Buffer Overflow

    May 9, 2025

    CVE ID : CVE-2025-37887

    Published : May 9, 2025, 7:16 a.m. | 4 hours, 51 minutes ago

    Description : In the Linux kernel, the following vulnerability has been resolved:

    pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result

    If the FW doesn’t support the PDS_CORE_CMD_FW_CONTROL command
    the driver might at the least print garbage and at the worst
    crash when the user runs the “devlink dev info” devlink command.

    This happens because the stack variable fw_list is not 0
    initialized which results in fw_list.num_fw_slots being a
    garbage value from the stack. Then the driver tries to access
    fw_list.fw_names[i] with i >= ARRAY_SIZE and runs off the end
    of the array.

    Fix this by initializing the fw_list and by not failing
    completely if the devcmd fails because other useful information
    is printed via devlink dev info even if the devcmd fails.

    Severity: 0.0 | NA

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleCVE-2025-37888 – Intel Mellanox Linux Null Pointer Dereference Vulnerability
    Next Article CVE-2025-4467 – SourceCodester Online Student Clearance System SQL Injection Vulnerability

    Related Posts

    Security

    ⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more

    June 30, 2025
    Security

    Over 1,200 Citrix servers unpatched against critical auth bypass flaw

    June 30, 2025
    Leave A Reply Cancel Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

    Continue Reading

    Google Pixel 10 to Embrace Qi2 Wireless Charging with New “Pixelsnap” Accessories

    Security

    Site Update – An Apology and a Brighter Future

    Linux

    The Apple Code Signing Handbook

    Development

    Ubisoft says you don’t own your video games, read the fine print

    News & Updates

    Highlights

    Fortifying React Native: Security Enhancements to Watch for in Upcoming Releases🔐

    April 22, 2025

    Post Content Source: Read More 

    CVE-2025-6843 – “Code-projects Simple Photo Gallery Unrestricted File Upload Vulnerability”

    June 29, 2025

    Guida al Gioco Open Source e Free “Daimonin”

    May 22, 2025

    CVE-2025-20977 – Samsung Notes Implicit Intent Information Leak Vulnerability

    May 7, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.