CVE-2025-37868 — Improper Locking in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 88.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 9
Latest updateJul 8
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/userptr: fix notifier vs folio deadlock
User is reporting what smells like notifier vs folio deadlock, where
migrate_pages_batch() on core kernel side is holding folio lock(s) and
then interacting with the mappings of it, however those mappings are
tied to some userptr, which means calling into the notifier callback and
grabbing the notifier lock. With perfect timing it looks possible that
the pages we pulled from the h…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
▶CVEListV5linux/linux2a24c98f0e4cc994334598d4f3a851972064809d — 65dc4e3d5b01db0179fc95c1f0bdb87194c28ab5+4
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-mfvr-qgfc-wvxq: In the Linux kernel, the following vulnerability has been resolved:
drm/xe/userptr: fix notifier vs folio deadlock
User is reporting what smells lik↗2025-05-09
OSV▶
CVE-2025-37868: In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like↗2025-05-09
📋Vendor Advisories
5Debian▶
CVE-2025-37868: linux - In the Linux kernel, the following vulnerability has been resolved: drm/xe/user...↗2025