{"vulnerability": "cve-2025-3787", "sightings": [{"uuid": "cabc8186-dd2c-4e83-9cb4-146d31969112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37874", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114479439792019818", "content": "", "creation_timestamp": "2025-05-09T19:07:04.246209Z"}, {"uuid": "4bf73754-d30e-4c83-854e-2ae09c828f21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3787", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln3ilpusivj2", "content": "", "creation_timestamp": "2025-04-18T11:16:03.758142Z"}, {"uuid": "3c1de7c7-9814-4f01-9e9e-fc0d12af23b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3787", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln42fpylzc2b", "content": "", "creation_timestamp": "2025-04-18T16:34:29.250826Z"}, {"uuid": "d640284d-09b1-4b18-a501-1bbfe41c25a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37877", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c2a1046e-c235-4c14-9cfc-11df5f4ff5f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37877", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lopz7xulq62h", "content": "", "creation_timestamp": "2025-05-09T08:31:45.191254Z"}, {"uuid": "cd3b73c7-9373-47b9-b8bb-259fd143bd8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37879", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lopz7y64cr2p", "content": "", "creation_timestamp": "2025-05-09T08:31:45.823256Z"}, {"uuid": "31a571f7-fc31-4b1c-b146-749fcd824f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37876", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lopz7ziiug2h", "content": "", "creation_timestamp": "2025-05-09T08:31:52.612455Z"}, {"uuid": "21e2996c-c9e0-4f73-8d9e-8ce3c8779e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-37878", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "a6dc8f40-3b86-4b2b-ae5a-e4d68cc25aa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-37877", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "bd123e17-939b-4d1f-98dc-f47387bfcefc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37878", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "31ad4ec7-3f17-4952-a5d9-e64ca1ac9845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37879", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "590a9b06-549f-4d78-8a6a-b6b55a1057a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37870", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "905f5b50-1d4e-401d-8271-bc540684fab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-37876", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "a2b749e1-6edb-4c71-81af-fb41bcbc6484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3787", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12411", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3787\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is an unknown function of the component Image Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-18T09:31:04.227Z\n\ud83d\udccf Modified: 2025-04-18T09:31:04.227Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.305610\n2. https://vuldb.com/?ctiid.305610\n3. https://vuldb.com/?submit.553731\n4. https://github.com/KKDT12138/CVE/blob/main/cve6.pdf", "creation_timestamp": "2025-04-18T09:58:58.000000Z"}, {"uuid": "ba5fc29e-d4df-40cf-85bd-be60bd38068c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-37879", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "d6aca02c-dbe8-41da-be9a-9ec1e9e7be43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37877", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15695", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37877\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Clear iommu-dma ops on cleanup\n\nIf iommu_device_register() encounters an error, it can end up tearing\ndown already-configured groups and default domains, however this\ncurrently still leaves devices hooked up to iommu-dma (and even\nhistorically the behaviour in this area was at best inconsistent across\narchitectures/drivers...) Although in the case that an IOMMU is present\nwhose driver has failed to probe, users cannot necessarily expect DMA to\nwork anyway, it's still arguable that we should do our best to put\nthings back as if the IOMMU driver was never there at all, and certainly\nthe potential for crashing in iommu-dma itself is undesirable. Make sure\nwe clean up the dev->dma_iommu flag along with everything else.\n\ud83d\udccf Published: 2025-05-09T06:45:41.751Z\n\ud83d\udccf Modified: 2025-05-09T06:45:41.751Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b14d98641312d972bb3f38e82eddf92898522389\n2. https://git.kernel.org/stable/c/104a84276821aed0ed241ce0d82d6c3267e3fcb8\n3. https://git.kernel.org/stable/c/280e5a30100578106a4305ce0118e0aa9b866f12", "creation_timestamp": "2025-05-09T07:25:40.000000Z"}, {"uuid": "62e57a23-ef2f-4562-9ab6-a37a87bb76cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37874", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15697", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37874\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ngbe: fix memory leak in ngbe_probe() error path\n\nWhen ngbe_sw_init() is called, memory is allocated for wx->rss_key\nin wx_init_rss_key(). However, in ngbe_probe() function, the subsequent\nerror paths after ngbe_sw_init() don't free the rss_key. Fix that by\nfreeing it in error path along with wx->mac_table.\n\nAlso change the label to which execution jumps when ngbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init().\n\ud83d\udccf Published: 2025-05-09T06:44:02.314Z\n\ud83d\udccf Modified: 2025-05-09T06:44:02.314Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/7c2b66a31c7a4866400f7e6fb43cb32021bfca01\n2. https://git.kernel.org/stable/c/8335a3feb9d0d97e5e8f76d38b6bb8573d5b4a29\n3. https://git.kernel.org/stable/c/397487338eff1891c4654ce7deaafbf72a1688b2\n4. https://git.kernel.org/stable/c/88fa80021b77732bc98f73fb69d69c7cc37b9f0d", "creation_timestamp": "2025-05-09T07:25:43.000000Z"}, {"uuid": "0dc82b9c-8467-4695-93a1-e7a59f861487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37878", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15694", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37878\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Fix WARN_ON(!ctx) in __free_event() for partial init\n\nMove the get_ctx(child_ctx) call and the child_event->ctx assignment to\noccur immediately after the child event is allocated. Ensure that\nchild_event->ctx is non-NULL before any subsequent error path within\ninherit_event calls free_event(), satisfying the assumptions of the\ncleanup code.\n\nDetails:\n\nThere's no clear Fixes tag, because this bug is a side-effect of\nmultiple interacting commits over time (up to 15 years old), not\na single regression.\n\nThe code initially incremented refcount then assigned context\nimmediately after the child_event was created. Later, an early\nvalidity check for child_event was added before the\nrefcount/assignment. Even later, a WARN_ON_ONCE() cleanup check was\nadded, assuming event->ctx is valid if the pmu_ctx is valid.\nThe problem is that the WARN_ON_ONCE() could trigger after the initial\ncheck passed but before child_event->ctx was assigned, violating its\nprecondition. The solution is to assign child_event->ctx right after\nits initial validation. This ensures the context exists for any\nsubsequent checks or cleanup routines, resolving the WARN_ON_ONCE().\n\nTo resolve it, defer the refcount update and child_event->ctx assignment\ndirectly after child_event->pmu_ctx is set but before checking if the\nparent event is orphaned. The cleanup routine depends on\nevent->pmu_ctx being non-NULL before it verifies event->ctx is\nnon-NULL. This also maintains the author's original intent of passing\nin child_ctx to find_get_pmu_context before its refcount/assignment.\n\n[ mingo: Expanded the changelog from another email by Gabriel Shahrouzi. ]\n\ud83d\udccf Published: 2025-05-09T06:45:42.459Z\n\ud83d\udccf Modified: 2025-05-09T06:45:42.459Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/1fe9b92eede32574dbe05b5bdb6ad666b350bed0\n2. https://git.kernel.org/stable/c/90dc6c1e3b200812da8d0aa030e1b7fda8226d0e\n3. https://git.kernel.org/stable/c/cb56cd11feabf99e08bc18960700a53322ffcea7\n4. https://git.kernel.org/stable/c/0ba3a4ab76fd3367b9cb680cad70182c896c795c", "creation_timestamp": "2025-05-09T07:25:40.000000Z"}, {"uuid": "0dd40af9-ce8a-40b6-a716-cdf16bd1bb39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37873", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15698", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37873\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.\n\ud83d\udccf Published: 2025-05-09T06:44:01.394Z\n\ud83d\udccf Modified: 2025-05-09T06:44:01.394Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/21e70f694bc0dcb40174b0940cc52a7769fc19e0\n2. https://git.kernel.org/stable/c/3742c55de00266fa7c8fd2c5d61a453d223a9cd1\n3. https://git.kernel.org/stable/c/12f2d033fae957d84c2c0ce604d2a077e61fa2c0", "creation_timestamp": "2025-05-09T07:25:44.000000Z"}, {"uuid": "57c553c8-97a9-4c48-befc-83b1d37ebe8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37870", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15701", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37870\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.\n\ud83d\udccf Published: 2025-05-09T06:43:59.074Z\n\ud83d\udccf Modified: 2025-05-09T06:43:59.074Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/0363c03672cd3191f037905bf981eb523a3b71b1\n2. https://git.kernel.org/stable/c/04bf4f2a497e9877c425c5124652e61fb8a1a0aa\n3. https://git.kernel.org/stable/c/8058061ed9d6bc259d1e678607b07d259342c08f", "creation_timestamp": "2025-05-09T07:25:50.000000Z"}, {"uuid": "08aae369-dda4-4033-b7d9-389090e04278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37871", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15700", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37871\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx->flc_lock\n spin_lock // clp->cl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx->flc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp->cl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --> destroy_delegation --> destroy_unhashed_deleg -->\nnfs4_unlock_deleg_lease --> kernel_setlease --> generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.\n\ud83d\udccf Published: 2025-05-09T06:43:59.720Z\n\ud83d\udccf Modified: 2025-05-09T06:43:59.720Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b9bbe8f9d5663311d06667ce36d6ed255ead1a26\n2. https://git.kernel.org/stable/c/a70832d3555987035fc430ccd703acd89393eadb\n3. https://git.kernel.org/stable/c/ba903539fff745d592d893c71b30e5e268a95413\n4. https://git.kernel.org/stable/c/7d192e27a431026c58d60edf66dc6cd98d0c01fc\n5. https://git.kernel.org/stable/c/a7fce086f6ca84db409b9d58493ea77c1978897c\n6. https://git.kernel.org/stable/c/14985d66b9b99c12995dd99d1c6c8dec4114c2a5\n7. https://git.kernel.org/stable/c/a1d14d931bf700c1025db8c46d6731aa5cf440f9", "creation_timestamp": "2025-05-09T07:25:47.000000Z"}, {"uuid": "4eb9f106-c2e3-4c3a-9e41-2171acbc1599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37872", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15699", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37872\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: txgbe: fix memory leak in txgbe_probe() error path\n\nWhen txgbe_sw_init() is called, memory is allocated for wx->rss_key\nin wx_init_rss_key(). However, in txgbe_probe() function, the subsequent\nerror paths after txgbe_sw_init() don't free the rss_key. Fix that by\nfreeing it in error path along with wx->mac_table.\n\nAlso change the label to which execution jumps when txgbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init().\n\ud83d\udccf Published: 2025-05-09T06:44:00.570Z\n\ud83d\udccf Modified: 2025-05-09T06:44:00.570Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/635863d93deb8e352d63a8eba852efeaf1ac3539\n2. https://git.kernel.org/stable/c/837197a722919f5b0eeb967fe7cb0cc1e83173b9\n3. https://git.kernel.org/stable/c/b2727326d0a53709380aa147018085d71a6d4843", "creation_timestamp": "2025-05-09T07:25:45.000000Z"}, {"uuid": "38076f65-83ea-4725-89ad-dbaad0d398e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37875", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15696", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37875\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status 'valid' bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM 'trigger' and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn't handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.\n\ud83d\udccf Published: 2025-05-09T06:44:03.368Z\n\ud83d\udccf Modified: 2025-05-09T06:44:03.368Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/c1f174edaccc5a00f8e218c42a0aa9156efd5f76\n2. https://git.kernel.org/stable/c/0c03e4fbe1321697d9d04587e21e416705e1b19f\n3. https://git.kernel.org/stable/c/16194ca3f3b4448a062650c869a7b3b206c6f5d3\n4. https://git.kernel.org/stable/c/f3516229cd12dcd45f23ed01adab17e8772b1bd5\n5. https://git.kernel.org/stable/c/31959e06143692f7e02b8eef7d7d6ac645637906\n6. https://git.kernel.org/stable/c/8e404ad95d2c10c261e2ef6992c7c12dde03df0e", "creation_timestamp": "2025-05-09T07:25:43.000000Z"}, {"uuid": "fc038030-f4c5-4681-9390-e63ab2ab880f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37871", "type": "seen", "source": "https://t.me/cvedetector/24938", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37871 - Linux Kernel NFSd Deadlock Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-37871 \nPublished : May 9, 2025, 7:16 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnfsd: decrease sc_count directly if fail to queue dl_recall \n \nA deadlock warning occurred when invoking nfs4_put_stid following a failed \ndl_recall queue operation: \n T1 T2 \n nfs4_laundromat \n nfs4_get_client_reaplist \n nfs4_anylock_blockers \n__break_lease \n spin_lock // ctx->flc_lock \n spin_lock // clp->cl_lock \n nfs4_lockowner_has_blockers \n locks_owner_has_blockers \n spin_lock // flctx->flc_lock \n nfsd_break_deleg_cb \n nfsd_break_one_deleg \n nfs4_put_stid \n refcount_dec_and_lock \n spin_lock // clp->cl_lock \n \nWhen a file is opened, an nfs4_delegation is allocated with sc_count \ninitialized to 1, and the file_lease holds a reference to the delegation. \nThe file_lease is then associated with the file through kernel_setlease. \n \nThe disassociation is performed in nfsd4_delegreturn via the following \ncall chain: \nnfsd4_delegreturn --> destroy_delegation --> destroy_unhashed_deleg --> \nnfs4_unlock_deleg_lease --> kernel_setlease --> generic_delete_lease \nThe corresponding sc_count reference will be released after this \ndisassociation. \n \nSince nfsd_break_one_deleg executes while holding the flc_lock, the \ndisassociation process becomes blocked when attempting to acquire flc_lock \nin generic_delete_lease. This means: \n1) sc_count in nfsd_break_one_deleg will not be decremented to 0; \n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to \nacquire cl_lock; \n3) Consequently, no deadlock condition is created. \n \nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can \nsafely perform refcount_dec on sc_count directly. This approach \neffectively avoids triggering deadlock warnings. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T10:22:07.000000Z"}, {"uuid": "a128727b-3c60-4f99-bd77-b27ba3a832a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37878", "type": "seen", "source": "https://t.me/cvedetector/24932", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37878 - Linux Kernel Perf Core Context Assignment Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-37878 \nPublished : May 9, 2025, 7:16 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nperf/core: Fix WARN_ON(!ctx) in __free_event() for partial init \n \nMove the get_ctx(child_ctx) call and the child_event->ctx assignment to \noccur immediately after the child event is allocated. Ensure that \nchild_event->ctx is non-NULL before any subsequent error path within \ninherit_event calls free_event(), satisfying the assumptions of the \ncleanup code. \n \nDetails: \n \nThere's no clear Fixes tag, because this bug is a side-effect of \nmultiple interacting commits over time (up to 15 years old), not \na single regression. \n \nThe code initially incremented refcount then assigned context \nimmediately after the child_event was created. Later, an early \nvalidity check for child_event was added before the \nrefcount/assignment. Even later, a WARN_ON_ONCE() cleanup check was \nadded, assuming event->ctx is valid if the pmu_ctx is valid. \nThe problem is that the WARN_ON_ONCE() could trigger after the initial \ncheck passed but before child_event->ctx was assigned, violating its \nprecondition. The solution is to assign child_event->ctx right after \nits initial validation. This ensures the context exists for any \nsubsequent checks or cleanup routines, resolving the WARN_ON_ONCE(). \n \nTo resolve it, defer the refcount update and child_event->ctx assignment \ndirectly after child_event->pmu_ctx is set but before checking if the \nparent event is orphaned. The cleanup routine depends on \nevent->pmu_ctx being non-NULL before it verifies event->ctx is \nnon-NULL. This also maintains the author's original intent of passing \nin child_ctx to find_get_pmu_context before its refcount/assignment. \n \n[ mingo: Expanded the changelog from another email by Gabriel Shahrouzi. ] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T10:22:00.000000Z"}, {"uuid": "c8d9a5c7-5679-4063-b3e5-fac3d13ff95e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37872", "type": "seen", "source": "https://t.me/cvedetector/24937", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37872 - NetXtreme Gigabit Ethernet (TXGBE) Memory Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-37872 \nPublished : May 9, 2025, 7:16 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: txgbe: fix memory leak in txgbe_probe() error path \n \nWhen txgbe_sw_init() is called, memory is allocated for wx->rss_key \nin wx_init_rss_key(). However, in txgbe_probe() function, the subsequent \nerror paths after txgbe_sw_init() don't free the rss_key. Fix that by \nfreeing it in error path along with wx->mac_table. \n \nAlso change the label to which execution jumps when txgbe_sw_init() \nfails, because otherwise, it could lead to a double free for rss_key, \nwhen the mac_table allocation fails in wx_sw_init(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T10:22:06.000000Z"}, {"uuid": "1843c637-fb61-47fd-b733-c0a955c47b6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-37879", "type": "seen", "source": "https://t.me/cvedetector/24928", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37879 - \"Linux 9p Client Signed Integer Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2025-37879 \nPublished : May 9, 2025, 7:16 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \n9p/net: fix improper handling of bogus negative read/write replies \n \nIn p9_client_write() and p9_client_read_once(), if the server \nincorrectly replies with success but a negative write/read count then we \nwould consider written (negative) <=3) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T10:21:54.000000Z"}]}