CVE-2025-37812
- Source
- https://cve.org/CVERecord?id=CVE-2025-37812
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37812.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-37812
- Downstream
- Related
- Published
- 2025-05-08T06:26:09.355Z
- Modified
- 2026-05-07T04:16:05.741712Z
- Summary
- usb: cdns3: Fix deadlock when using NCM gadget
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb: cdns3: Fix deadlock when using NCM gadget
The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 ("usb: cdnsp: Fix deadlock issue during using NCM gadget").
Under PREEMPT_RT the deadlock can be readily triggered by heavy network traffic, for example using "iperf --bidir" over NCM ethernet link.
The deadlock occurs because the threaded interrupt handler gets preempted by a softirq, but both are protected by the same spinlock. Prevent deadlock by disabling softirq during threaded irq handler.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37812.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/09e90a9689a4aac7a2f726dc2aa472b0b37937b7
- https://git.kernel.org/stable/c/48a62deb857f0694f611949015e70ad194d97159
- https://git.kernel.org/stable/c/59a760e4796a3cd88d8b9d7706e0a638de677751
- https://git.kernel.org/stable/c/74cd6e408a4c010e404832f0e4609d29bf1d0c41
- https://git.kernel.org/stable/c/a1059896f2bfdcebcdc7153c3be2307ea319501f
- https://git.kernel.org/stable/c/b96239582531775f2fdcb14de29bdb6870fd4c8c
- https://git.kernel.org/stable/c/c27db84ed44e50ff90d9e3a2a25fae2e0a0fa015
- https://git.kernel.org/stable/c/eebfb64c624fc738b669100173344fb441c5e719
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37812.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-37812
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7733f6c32e36ff9d7adadf40001039bf219b1cbeFixedeebfb64c624fc738b669100173344fb441c5e719Fixed59a760e4796a3cd88d8b9d7706e0a638de677751Fixedb96239582531775f2fdcb14de29bdb6870fd4c8cFixedc27db84ed44e50ff90d9e3a2a25fae2e0a0fa015Fixed48a62deb857f0694f611949015e70ad194d97159Fixed74cd6e408a4c010e404832f0e4609d29bf1d0c41Fixed09e90a9689a4aac7a2f726dc2aa472b0b37937b7Fixeda1059896f2bfdcebcdc7153c3be2307ea319501f
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced5.4.0Fixed5.4.293
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.237
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.181
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.136
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.89
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.26
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.14.5