
CVE-2025-37819: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()

Description

In the Linux kernel, the following vulnerability has been resolved:

irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()

With ACPI in place, gicv2m_get_fwnode() is registered with the PCI
subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime
during a PCI host bridge probe. But the callback is wrongly marked as
__init, causing it to be freed while being registered with the PCI
subsystem, which could trigger:

Unable to handle kernel paging request at virtual address ffff8000816c0400
gicv2m_get_fwnode+0x0/0x58 (P)
pci_set_bus_msi_domain+0x74/0x88
pci_register_host_bridge+0x194/0x548

This is easily reproducible on a Juno board with ACPI boot.

Retain the function for later use.
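
A heuristic source check for the pattern described above, as an added example that is not part of the advisory or the kernel tree: it lists functions marked __init and flags lines where one is named without being called. The sample C text is constructed, and register_fwnode_provider() and gicv2m_acpi_init_demo() are hypothetical names.

```python
import re

# Constructed sample modelled on the description above; it is not the kernel
# source. register_fwnode_provider() and gicv2m_acpi_init_demo() are hypothetical.
SAMPLE_BUGGY = """
static __init struct fwnode_handle *gicv2m_get_fwnode(struct device *dev)
{
    return lookup(dev);
}

static int __init gicv2m_acpi_init_demo(void)
{
    setup_once();
    register_fwnode_provider(&gicv2m_get_fwnode);
    return 0;
}
"""
# The fix described above: keep the callback by dropping its __init marker.
SAMPLE_FIXED = SAMPLE_BUGGY.replace("static __init struct", "static struct", 1)

# Function definition whose header line carries __init; captures the name.
INIT_DEF = re.compile(
    r"^[^\n;{}()]*\b__init\b[^\n;{}()]*?\b(\w+)\s*\([^;{}]*\)\s*\{", re.M)


def init_functions(src):
    """Names of functions defined with the __init marker."""
    return {m.group(1) for m in INIT_DEF.finditer(src)}


def escaping_init_refs(src):
    """(line number, function, text) wherever an __init function is named
    without being called, i.e. its address is handed to other code."""
    hits = []
    names = sorted(init_functions(src))
    for no, line in enumerate(src.splitlines(), 1):
        for name in names:
            if re.search(r"\b%s\b(?!\s*\()" % re.escape(name), line):
                hits.append((no, name, line.strip()))
    return hits


if __name__ == "__main__":
    for no, name, text in escaping_init_refs(SAMPLE_BUGGY):
        print(f"line {no}: address of __init function {name} escapes: {text}")
```

A hit is a defect only when the receiving code keeps the pointer after init memory is released, as the PCI subsystem does in this case.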

Classification

CVE ID: CVE-2025-37819

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 17.42% (share of other vulnerabilities that scored less than or equal to this one)

EPSS Date: 2025-06-06 (when this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-37819
https://git.kernel.org/stable/c/2f2803e4b5e4df2b08d378deaab78b1681ef9b30
https://git.kernel.org/stable/c/3939d6f29d34cdb60e3f68b76e39e00a964a1d51
https://git.kernel.org/stable/c/47bee0081b483b077c7560bc5358ad101f89c8ef
https://git.kernel.org/stable/c/3318dc299b072a0511d6dfd8367f3304fb6d9827

Timeline