CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-37848: accel/ivpu: Fix PM related deadlocks in MS IOCTLs

Description

In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Fix PM related deadlocks in MS IOCTLs

Prevent runtime resume/suspend while MS IOCTLs are in progress.
Failed suspend will call ivpu_ms_cleanup() that would try to acquire
file_priv->ms_lock, which is already held by the IOCTLs.

Classification

CVE ID: CVE-2025-37848

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 4.6% (scored less or equal to compared to others)

EPSS Date: 2025-06-07 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-37848
https://git.kernel.org/stable/c/afada73000bef7c79a22f0d7e93fac414eeff19e
https://git.kernel.org/stable/c/c3d9fc2f2746b52e9f820a13c53b4418bec04b48
https://git.kernel.org/stable/c/84547128526441b45c3c241419dececf20c30104
https://git.kernel.org/stable/c/d893da85e06edf54737bb80648bb58ba8fd56d9f

Timeline

2025-05-09 07:40:14 UTC
CVE

accel/ivpu: Fix PM related deadlocks in MS IOCTLs