Description

In the Linux kernel, the following vulnerability has been resolved:

pds_core: Prevent possible adminq overflow/stuck condition

The pds_core's adminq is protected by the adminq_lock, which prevents
more than 1 command to be posted onto it at any one time. This makes it
so the client drivers cannot simultaneously post adminq commands.
However, the completions happen in a different context, which means
multiple adminq commands can be posted sequentially and all waiting
on completion.

On the FW side, the backing adminq request queue is only 16 entries
long and the retry mechanism and/or overflow/stuck prevention is
lacking. This can cause the adminq to get stuck, so commands are no
longer processed and completions are no longer sent by the FW.

As an initial fix, prevent more than 16 outstanding adminq commands so
there's no way to cause the adminq from getting stuck. This works
because the backing adminq request queue will never have more than 16
pending adminq commands, so it will never overflow. This is done by
reducing the adminq depth to 16.

Classification

CVE ID: CVE-2025-37987

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 4.6% (scored less or equal to compared to others)

EPSS Date: 2025-06-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-37987
https://git.kernel.org/stable/c/2982e07ad72b48eb12c29a87a3f2126ea552688c
https://git.kernel.org/stable/c/5e3dc65675faad846420d24762e4faadc12d9392
https://git.kernel.org/stable/c/d9e2f070d8af60f2c8c02b2ddf0a9e90b4e9220c

Timeline