#VU108872 Improper locking in Linux kernel - CVE-2025-37848

Cybersecurity Help s.r.o.

Published: 2025-05-09 | Updated: 2025-05-10

Vulnerability identifier: #VU108872

Vulnerability risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37848

CWE-ID: CWE-667

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ivpu_ms_start_ioctl(), kfree(), ivpu_ms_get_data_ioctl() and ivpu_ms_stop_ioctl() functions in drivers/accel/ivpu/ivpu_ms.c, within the ivpu_force_recovery_fn() and dct_active_set() functions in drivers/accel/ivpu/ivpu_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 6.12, 6.12.1, 6.12.2, 6.12.3, 6.12.4, 6.12.5, 6.12.6, 6.12.7, 6.12.8, 6.12.9, 6.12.10, 6.12.11, 6.12.12, 6.12.13, 6.12.14, 6.12.15, 6.12.16, 6.12.17, 6.12.18, 6.12.19, 6.12.20, 6.12.21, 6.12.22, 6.12.23, 6.13, 6.13.1, 6.13.2, 6.13.3, 6.13.4, 6.13.5, 6.13.6, 6.13.7, 6.13.8, 6.13.9, 6.13.10, 6.13.11, 6.14, 6.14.1, 6.14.2

External links
https://git.kernel.org/stable/c/84547128526441b45c3c241419dececf20c30104
https://git.kernel.org/stable/c/afada73000bef7c79a22f0d7e93fac414eeff19e
https://git.kernel.org/stable/c/c3d9fc2f2746b52e9f820a13c53b4418bec04b48
https://git.kernel.org/stable/c/d893da85e06edf54737bb80648bb58ba8fd56d9f
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.24
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.13.12
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14.3

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for linux-azure

Ubuntu update for linux

Improper locking in Linux kernel accel ivpu driver