CVE-2025-37993

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-37993
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37993.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37993
Downstream
Published
2025-05-29T14:15:35Z
Modified
2025-07-01T16:31:41.854431Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

can: mcan: mcanclassallocate_dev(): initialize spin lock on device probe

The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. when trying to send CAN frames with cansend from can-utils:

| BUG: spinlock bad magic on CPU#0, cansend/95 | lock: 0xff60000002ec1010, .magic: 00000000, .owner: <none>/-1, .ownercpu: 0 | CPU: 0 UID: 0 PID: 95 Comm: cansend Not tainted 6.15.0-rc3-00032-ga79be02bba5c #5 NONE | Hardware name: MachineWare SIM-V (DT) | Call Trace: | [<ffffffff800133e0>] dumpbacktrace+0x1c/0x24 | [<ffffffff800022f2>] showstack+0x28/0x34 | [<ffffffff8000de3e>] dumpstacklvl+0x4a/0x68 | [<ffffffff8000de70>] dumpstack+0x14/0x1c | [<ffffffff80003134>] spindump+0x62/0x6e | [<ffffffff800883ba>] dorawspinlock+0xd0/0x142 | [<ffffffff807a6fcc>] rawspinlockirqsave+0x20/0x2c | [<ffffffff80536dba>] mcanstartxmit+0x90/0x34a | [<ffffffff806148b0>] devhardstartxmit+0xa6/0xee | [<ffffffff8065b730>] schdirectxmit+0x114/0x292 | [<ffffffff80614e2a>] _devqueuexmit+0x3b0/0xaa8 | [<ffffffff8073b8fa>] cansend+0xc6/0x242 | [<ffffffff8073d1c0>] rawsendmsg+0x1a8/0x36c | [<ffffffff805ebf06>] sockwriteiter+0x9a/0xee | [<ffffffff801d06ea>] vfswrite+0x184/0x3a6 | [<ffffffff801d0a88>] ksyswrite+0xa0/0xc0 | [<ffffffff801d0abc>] _riscvsyswrite+0x14/0x1c | [<ffffffff8079ebf8>] dotrapecallu+0x168/0x212 | [<ffffffff807a830a>] handleexception+0x146/0x152

Initializing the spin lock in mcanclassallocatedev solves that problem.

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.29-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.1.112-1
6.1.115-1
6.1.119-1
6.1.123-1
6.1.124-1
6.1.128-1
6.1.129-1
6.1.133-1
6.1.135-1
6.1.137-1
6.1.139-1
6.1.140-1
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1
6.7.9-1
6.7.9-2
6.7.12-1~bpo12+1
6.7.12-1
6.8.9-1
6.8.11-1
6.8.12-1~bpo12+1
6.8.12-1
6.9.2-1~exp1
6.9.7-1~bpo12+1
6.9.7-1
6.9.8-1
6.9.9-1
6.9.10-1~bpo12+1
6.9.10-1
6.9.11-1
6.9.12-1
6.10-1~exp1
6.10.1-1~exp1
6.10.3-1
6.10.4-1
6.10.6-1~bpo12+1
6.10.6-1
6.10.7-1
6.10.9-1
6.10.11-1~bpo12+1
6.10.11-1
6.10.12-1
6.11~rc4-1~exp1
6.11~rc5-1~exp1
6.11-1~exp1
6.11.2-1
6.11.4-1
6.11.5-1~bpo12+1
6.11.5-1
6.11.6-1
6.11.7-1
6.11.9-1
6.11.10-1~bpo12+1
6.11.10-1
6.12~rc6-1~exp1
6.12.3-1
6.12.5-1
6.12.6-1
6.12.8-1
6.12.9-1~bpo12+1
6.12.9-1
6.12.9-1+alpha
6.12.10-1
6.12.11-1
6.12.11-1+alpha
6.12.11-1+alpha.1
6.12.12-1~bpo12+1
6.12.12-1
6.12.13-1
6.12.15-1
6.12.16-1
6.12.17-1
6.12.19-1
6.12.20-1
6.12.21-1
6.12.22-1~bpo12+1
6.12.22-1
6.12.25-1
6.12.27-1~bpo12+1
6.12.27-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}