CVE-2025-6365 MEDIUM

CVE-2025-6365: HobbesOSR Kitten pgtable.h set_pte_at resource consumption

Vendor Hobbesosr
Product Kitten
Weakness CWE-400
Published June 20, 2025
Last update June 23, 2025

CVSS base score

6.9/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X

What the vulnerability does

01Description

A vulnerability was found in HobbesOSR Kitten up to c4f8b7c3158983d1020af432be1b417b28686736 and classified as critical. Affected by this issue is the function set_pte_at in the library /include/arch-arm64/pgtable.h. The manipulation leads to resource consumption. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

Key dates

02Disclosure timeline

June 20, 2025 CVE published
June 23, 2025 Record updated