https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 03:10:53 +0000 https://vulnerability.circl.lu/sighting/e9fd482c-b39b-447d-843e-f92b57570f38/export {"uuid": "e9fd482c-b39b-447d-843e-f92b57570f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37907", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17103", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37907\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix locking order in ivpu_job_submit\n\nFix deadlock in job submission and abort handling.\nWhen a thread aborts currently executing jobs due to a fault,\nit first locks the global lock protecting submitted_jobs (#1).\n\nAfter the last job is destroyed, it proceeds to release the related context\nand locks file_priv (#2). Meanwhile, in the job submission thread,\nthe file_priv lock (#2) is taken first, and then the submitted_jobs\nlock (#1) is obtained when a job is added to the submitted jobs list.\n\n CPU0 CPU1\n ---- ----\n (for example due to a fault) (jobs submissions keep coming)\n\n lock(&vdev->submitted_jobs_lock) #1\n ivpu_jobs_abort_all()\n job_destroy()\n lock(&file_priv->lock) #2\n lock(&vdev->submitted_jobs_lock) #1\n file_priv_release()\n lock(&vdev->context_list_lock)\n lock(&file_priv->lock) #2\n\nThis order of locking causes a deadlock. To resolve this issue,\nchange the order of locking in ivpu_job_submit().\n\ud83d\udccf Published: 2025-05-20T15:21:40.482Z\n\ud83d\udccf Modified: 2025-05-21T07:58:16.031Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/079d2622f8c9e0c380149645fff21d35c59ce6ff\n2. https://git.kernel.org/stable/c/b9b70924a272c2d72023306bc56f521c056212ee\n3. https://git.kernel.org/stable/c/ab680dc6c78aa035e944ecc8c48a1caab9f39924", "creation_timestamp": "2025-05-21T08:47:21.000000Z"} {"uuid": "e9fd482c-b39b-447d-843e-f92b57570f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37907", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17103", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37907\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix locking order in ivpu_job_submit\n\nFix deadlock in job submission and abort handling.\nWhen a thread aborts currently executing jobs due to a fault,\nit first locks the global lock protecting submitted_jobs (#1).\n\nAfter the last job is destroyed, it proceeds to release the related context\nand locks file_priv (#2). Meanwhile, in the job submission thread,\nthe file_priv lock (#2) is taken first, and then the submitted_jobs\nlock (#1) is obtained when a job is added to the submitted jobs list.\n\n CPU0 CPU1\n ---- ----\n (for example due to a fault) (jobs submissions keep coming)\n\n lock(&vdev->submitted_jobs_lock) #1\n ivpu_jobs_abort_all()\n job_destroy()\n lock(&file_priv->lock) #2\n lock(&vdev->submitted_jobs_lock) #1\n file_priv_release()\n lock(&vdev->context_list_lock)\n lock(&file_priv->lock) #2\n\nThis order of locking causes a deadlock. To resolve this issue,\nchange the order of locking in ivpu_job_submit().\n\ud83d\udccf Published: 2025-05-20T15:21:40.482Z\n\ud83d\udccf Modified: 2025-05-21T07:58:16.031Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/079d2622f8c9e0c380149645fff21d35c59ce6ff\n2. https://git.kernel.org/stable/c/b9b70924a272c2d72023306bc56f521c056212ee\n3. https://git.kernel.org/stable/c/ab680dc6c78aa035e944ecc8c48a1caab9f39924", "creation_timestamp": "2025-05-21T08:47:21.000000Z"} https://vulnerability.circl.lu/sighting/e9fd482c-b39b-447d-843e-f92b57570f38/export Wed, 21 May 2025 08:47:21 +0000 https://vulnerability.circl.lu/sighting/08723fe1-0466-44e3-948d-4de1765cd3bf/export {"uuid": "08723fe1-0466-44e3-948d-4de1765cd3bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37907", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} {"uuid": "08723fe1-0466-44e3-948d-4de1765cd3bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37907", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/08723fe1-0466-44e3-948d-4de1765cd3bf/export Thu, 19 Mar 2026 00:00:00 +0000