CVE-2025-37819
HIGH EPSS 6.3%
Published May 8, 20251y ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
Published May 8, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime during a PCI host bridge probe. But, the call back is wrongly marked as __init, causing it to be freed, while being registered with the PCI subsystem and could trigger: Unable to handle kernel paging request at virtual address ffff8000816c0400 gicv2m_get_fwnode+0x0/0x58 (P) pci_set_bus_msi_domain+0x74/0x88 pci_register_host_bridge+0x194/0x548 This is easily reproducible on a Juno board with ACPI boot. Retain the function for later use.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
6.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-416 Use After Free Memory Safety
Affected Products 11
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥4.5 – <5.4.294 |
| linux | linux_kernel | * | ≥5.5 – <5.10.238 |
| linux | linux_kernel | * | ≥5.11 – <5.15.182 |
| linux | linux_kernel | * | ≥5.16 – <6.1.138 |
| linux | linux_kernel | * | ≥6.2 – <6.6.89 |
| linux | linux_kernel | * | ≥6.7 – <6.12.26 |
| linux | linux_kernel | * | ≥6.13 – <6.14.5 |
| linux | linux_kernel | 6.15 | any |
| linux | linux_kernel | 6.15 | any |
| linux | linux_kernel | 6.15 | any |
| debian | debian_linux | 11.0 | any |
References 10
- git.kernel.org https://git.kernel.org/stable/c/0c241dedc43a036599757cd08f356253fa3e5014
- git.kernel.org https://git.kernel.org/stable/c/2f2803e4b5e4df2b08d378deaab78b1681ef9b30
- git.kernel.org https://git.kernel.org/stable/c/3318dc299b072a0511d6dfd8367f3304fb6d9827
- git.kernel.org https://git.kernel.org/stable/c/3939d6f29d34cdb60e3f68b76e39e00a964a1d51
- git.kernel.org https://git.kernel.org/stable/c/47bee0081b483b077c7560bc5358ad101f89c8ef
- git.kernel.org https://git.kernel.org/stable/c/b63de43af8d215b0499eac28b2caa4439183efc1
- git.kernel.org https://git.kernel.org/stable/c/dc0d654eb4179b06d3206e4396d072108b9ba082
- git.kernel.org https://git.kernel.org/stable/c/f95659affee301464f0d058d528d96b35b452da8
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Remediation
- git.kernel.org https://git.kernel.org/stable/c/0c241dedc43a036599757cd08f356253fa3e5014
- git.kernel.org https://git.kernel.org/stable/c/2f2803e4b5e4df2b08d378deaab78b1681ef9b30
- git.kernel.org https://git.kernel.org/stable/c/3318dc299b072a0511d6dfd8367f3304fb6d9827
- git.kernel.org https://git.kernel.org/stable/c/3939d6f29d34cdb60e3f68b76e39e00a964a1d51
- git.kernel.org https://git.kernel.org/stable/c/47bee0081b483b077c7560bc5358ad101f89c8ef
- git.kernel.org https://git.kernel.org/stable/c/b63de43af8d215b0499eac28b2caa4439183efc1
- git.kernel.org https://git.kernel.org/stable/c/dc0d654eb4179b06d3206e4396d072108b9ba082
- git.kernel.org https://git.kernel.org/stable/c/f95659affee301464f0d058d528d96b35b452da8