{"vulnerability": "cve-2025-3777", "sightings": [{"uuid": "f17d00d9-58ed-40ec-976f-f32e12c34a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37778", "type": "seen", "source": "https://bsky.app/profile/hacker-news-jp.bsky.social/post/3lpxd6si6t42y", "content": "", "creation_timestamp": "2025-05-24T23:43:53.899851Z"}, {"uuid": "03c398b9-0a50-4eb7-ab2a-1481c8a714b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37778", "type": "seen", "source": "MISP/1413a78e-c0b3-4092-97e7-909fb9773448", "content": "", "creation_timestamp": "2025-08-14T11:44:21.000000Z"}, {"uuid": "534cc142-7182-4a8b-8be5-2a64802b1e12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37778", "type": "seen", "source": "MISP/1413a78e-c0b3-4092-97e7-909fb9773448", "content": "", "creation_timestamp": "2025-08-06T13:54:19.000000Z"}, {"uuid": "78a861ae-6b5a-405c-bd54-395ac8b2c449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3777", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lteq4nae6w2k", "content": "", "creation_timestamp": "2025-07-07T11:55:30.800279Z"}, {"uuid": "ae0a75d7-fbc2-4049-973f-7cdff3652757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37776", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "0e8aff60-4a97-41f2-a24e-21c36c751844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37778", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "7346f0d7-3c63-4f4b-929d-caaacb8f639d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37775", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c73f41ef-3e61-4937-b6fa-9e7ce7a536da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-37770", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "828e048a-dd3b-44d3-8e4d-d9c6f9b597dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37777", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "355b5a13-b795-476b-a2b7-07e4b0d5b3c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37771", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14459", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37771\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\ud83d\udccf Published: 2025-05-01T13:07:11.517Z\n\ud83d\udccf Modified: 2025-05-02T06:16:19.073Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b7c41df4913789ebfe73cc1e17c6401d4c5eab69\n2. https://git.kernel.org/stable/c/402964994e8ece29702383b234fabcf04791ff95\n3. https://git.kernel.org/stable/c/5096174074114f83c700a27869c54362cbb10f3e\n4. https://git.kernel.org/stable/c/6413fed016208171592c88b5df002af8a1387e24\n5. https://git.kernel.org/stable/c/baa54adb5e0599299b8f088efb5544d876a3eb62\n6. https://git.kernel.org/stable/c/7d641c2b83275d3b0424127b2e0d2d0f7dd82aef", "creation_timestamp": "2025-05-02T07:16:30.000000Z"}, {"uuid": "76bf13cd-7423-48be-886d-84cb791422ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37770", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14460", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37770\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\ud83d\udccf Published: 2025-05-01T13:07:10.353Z\n\ud83d\udccf Modified: 2025-05-02T06:16:18.072Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/e109528bbf460e50074c156253d9080d223ee37f\n2. https://git.kernel.org/stable/c/0c02fcbe4a1393a3c02da6ae35e72493cfdb2155\n3. https://git.kernel.org/stable/c/836a189fb422e7efb81c51d5160e47ec7bc11500\n4. https://git.kernel.org/stable/c/587de3ca7875c06fe3c3aa4073a85c4eff46591f\n5. https://git.kernel.org/stable/c/bd4d90adbca1862d03e581e10e74ab73ec75e61b\n6. https://git.kernel.org/stable/c/05de66de280ea1bd0459c994bfd2dd332cfbc2a9\n7. https://git.kernel.org/stable/c/4b8c3c0d17c07f301011e2908fecd2ebdcfe3d1c", "creation_timestamp": "2025-05-02T07:16:31.000000Z"}, {"uuid": "9b77719d-997a-4ad7-af65-d3627e397ba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37773", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14458", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37773\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.\n\ud83d\udccf Published: 2025-05-01T13:07:12.944Z\n\ud83d\udccf Modified: 2025-05-02T06:16:20.211Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b84f13fdad10a543e2e65bab7e81b3f0bceabd67\n2. https://git.kernel.org/stable/c/9d6dcf18a1b49990295ac8a05fd9bdfd27ccbf88\n3. https://git.kernel.org/stable/c/5ee09cdaf3414f6c92960714af46d3d90eede2f3\n4. https://git.kernel.org/stable/c/599d1e2a6aecc44acf22fe7ea6f5e84a7e526abe\n5. https://git.kernel.org/stable/c/f6ec52710dc5e156b774cbef5d0f5c99b1c53a80\n6. https://git.kernel.org/stable/c/c3e31d613951c299487844c4d1686a933e8ee291\n7. https://git.kernel.org/stable/c/a648d80f8d9b208beee03a2d9aa690cfacf1d41e\n8. https://git.kernel.org/stable/c/a94fd938df2b1628da66b498aa0eeb89593bc7a2", "creation_timestamp": "2025-05-02T07:16:30.000000Z"}, {"uuid": "f305e63c-76dd-43e4-a244-e95cbea77582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37777", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14457", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37777\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix use-after-free in __smb2_lease_break_noti()\n\nMove tcp_transport free to ksmbd_conn_free. If ksmbd connection is\nreferenced when ksmbd server thread terminates, It will not be freed,\nbut conn->tcp_transport is freed. __smb2_lease_break_noti can be performed\nasynchronously when the connection is disconnected. __smb2_lease_break_noti\ncalls ksmbd_conn_write, which can cause use-after-free\nwhen conn->ksmbd_transport is already freed.\n\ud83d\udccf Published: 2025-05-01T13:07:15.741Z\n\ud83d\udccf Modified: 2025-05-02T06:16:21.642Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/1aec4d14cf81b7b3e7b69eb1cfa94144eed7138e\n2. https://git.kernel.org/stable/c/e59796fc80603bcd8569d4d2e10b213c1918edb4\n3. https://git.kernel.org/stable/c/21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de", "creation_timestamp": "2025-05-02T07:16:29.000000Z"}, {"uuid": "29194baf-7e96-4522-941e-74f825cbc989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37778", "type": "seen", "source": "https://t.me/kasperskylab_ru/6229", "content": "\u0412 \u043d\u043e\u0432\u043e\u043c #kaspersky_securityweek:\n\n\ud83d\udd18 \u0412 \u0445\u043e\u0434\u0435 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e LLM \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0438\u043f\u0430 Use-After-Free \u0432 \u044f\u0434\u0440\u0435 Linux. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u043b \u043d\u0435\u0439\u0440\u043e\u0441\u0435\u0442\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0434, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0443\u0436\u0435 \u0431\u044b\u043b\u0430 \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 CVE-2025-37778. \u041f\u0440\u043e\u0433\u043d\u0430\u0432 \u0437\u0430\u043f\u0440\u043e\u0441 \u0441\u0442\u043e \u0440\u0430\u0437 \u0438 \u0438\u0437\u0443\u0447\u0438\u0432 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u043e\u0442 \u044f\u0437\u044b\u043a\u043e\u0432\u043e\u0439 \u043c\u043e\u0434\u0435\u043b\u0438 \u043e\u0442\u0447\u0451\u0442\u044b, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b, \u0447\u0442\u043e CVE-2025-37778 \u043d\u0435\u0439\u0440\u043e\u0441\u0435\u0442\u044c \u043d\u0430\u0448\u043b\u0430 \u0432\u0441\u0435\u0433\u043e \u043e\u0434\u0438\u043d \u0440\u0430\u0437, \u043d\u043e \u0441\u0440\u0435\u0434\u0438 \u043c\u0430\u0441\u0441\u044b \u0433\u0430\u043b\u043b\u044e\u0446\u0438\u043d\u0430\u0446\u0438\u0439 \u0438 \u0440\u0435\u043f\u043e\u0440\u0442\u043e\u0432 \u043e\u0431 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0441\u044f \u043e\u0442\u0447\u0451\u0442 \u0438 \u043e\u0431 \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439, \u043d\u043e \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435. \u041e\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2025-37899.\n\n\ud83d\udd18 \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u00ab\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e\u00bb \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434 \u0447\u0435\u0440\u0435\u0437 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 API Docker \u0438 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0431\u044d\u043a\u0434\u043e\u0440\u0430 PureRAT.\n\n\ud83d\udd18 \u0412 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0441\u043f\u043e\u0440\u043d\u043e\u0439 \u0444\u0438\u0447\u0438 Microsoft Recall \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0430 Signal \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 Windows-\u0432\u0435\u0440\u0441\u0438\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0440\u0435\u0442\u0438\u0442\u044c \u0441\u043d\u0438\u043c\u0430\u0442\u044c \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \u0412 Windows 11 \u044d\u0442\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.", "creation_timestamp": "2025-05-27T11:54:25.000000Z"}]}