CVE-2025-37968 (GCVE-0-2025-37968)

Vulnerability from cvelistv5 – Published: 2025-05-20 16:47 – Updated: 2025-11-03 17:32
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: iio: light: opt3001: fix deadlock due to concurrent flag access The threaded IRQ function in this driver is reading the flag twice: once to lock a mutex and once to unlock it. Even though the code setting the flag is designed to prevent it, there are subtle cases where the flag could be true at the mutex_lock stage and false at the mutex_unlock stage. This results in the mutex not being unlocked, resulting in a deadlock. Fix it by making the opt3001_irq() code generally more robust, reading the flag into a variable and using the variable value at both stages.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 94a9b7b1809f56cfaa080e70ec49b6979563a237 , < a9c56ccb7cddfca754291fb24b108a5350a5fbe9 (git)
Affected: 94a9b7b1809f56cfaa080e70ec49b6979563a237 , < 957e8be112636d9bc692917286e81e54bd87decc (git)
Affected: 94a9b7b1809f56cfaa080e70ec49b6979563a237 , < 1d7def97e7eb65865ccc01bbdf4eb9e6bbe8a5b5 (git)
Affected: 94a9b7b1809f56cfaa080e70ec49b6979563a237 , < 748ebd8e61d0bc182c331b8df3887af7285c8a8f (git)
Affected: 94a9b7b1809f56cfaa080e70ec49b6979563a237 , < e791bf216c9e236b34dabf514ec0ede140cca719 (git)
Affected: 94a9b7b1809f56cfaa080e70ec49b6979563a237 , < 7ca84f6a22d50bf8b31efe9eb05f9859947266d7 (git)
Affected: 94a9b7b1809f56cfaa080e70ec49b6979563a237 , < 2c95c8f0959d0a72575eabf2ff888f47ed6d8b77 (git)
Affected: 94a9b7b1809f56cfaa080e70ec49b6979563a237 , < f063a28002e3350088b4577c5640882bf4ea17ea (git)
Create a notification for this product.
    Linux Linux Affected: 4.3
Unaffected: 0 , < 4.3 (semver)
Unaffected: 5.4.299 , ≤ 5.4.* (semver)
Unaffected: 5.10.243 , ≤ 5.10.* (semver)
Unaffected: 5.15.192 , ≤ 5.15.* (semver)
Unaffected: 6.1.151 , ≤ 6.1.* (semver)
Unaffected: 6.6.105 , ≤ 6.6.* (semver)
Unaffected: 6.12.30 , ≤ 6.12.* (semver)
Unaffected: 6.14.7 , ≤ 6.14.* (semver)
Unaffected: 6.15 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:49.287Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/iio/light/opt3001.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a9c56ccb7cddfca754291fb24b108a5350a5fbe9",
              "status": "affected",
              "version": "94a9b7b1809f56cfaa080e70ec49b6979563a237",
              "versionType": "git"
            },
            {
              "lessThan": "957e8be112636d9bc692917286e81e54bd87decc",
              "status": "affected",
              "version": "94a9b7b1809f56cfaa080e70ec49b6979563a237",
              "versionType": "git"
            },
            {
              "lessThan": "1d7def97e7eb65865ccc01bbdf4eb9e6bbe8a5b5",
              "status": "affected",
              "version": "94a9b7b1809f56cfaa080e70ec49b6979563a237",
              "versionType": "git"
            },
            {
              "lessThan": "748ebd8e61d0bc182c331b8df3887af7285c8a8f",
              "status": "affected",
              "version": "94a9b7b1809f56cfaa080e70ec49b6979563a237",
              "versionType": "git"
            },
            {
              "lessThan": "e791bf216c9e236b34dabf514ec0ede140cca719",
              "status": "affected",
              "version": "94a9b7b1809f56cfaa080e70ec49b6979563a237",
              "versionType": "git"
            },
            {
              "lessThan": "7ca84f6a22d50bf8b31efe9eb05f9859947266d7",
              "status": "affected",
              "version": "94a9b7b1809f56cfaa080e70ec49b6979563a237",
              "versionType": "git"
            },
            {
              "lessThan": "2c95c8f0959d0a72575eabf2ff888f47ed6d8b77",
              "status": "affected",
              "version": "94a9b7b1809f56cfaa080e70ec49b6979563a237",
              "versionType": "git"
            },
            {
              "lessThan": "f063a28002e3350088b4577c5640882bf4ea17ea",
              "status": "affected",
              "version": "94a9b7b1809f56cfaa080e70ec49b6979563a237",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/iio/light/opt3001.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "lessThan": "4.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.243",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.192",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.151",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.105",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.30",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.299",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.243",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.192",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.151",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.105",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.30",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.7",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: opt3001: fix deadlock due to concurrent flag access\n\nThe threaded IRQ function in this driver is reading the flag twice: once to\nlock a mutex and once to unlock it. Even though the code setting the flag\nis designed to prevent it, there are subtle cases where the flag could be\ntrue at the mutex_lock stage and false at the mutex_unlock stage. This\nresults in the mutex not being unlocked, resulting in a deadlock.\n\nFix it by making the opt3001_irq() code generally more robust, reading the\nflag into a variable and using the variable value at both stages."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-09T17:06:05.365Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a9c56ccb7cddfca754291fb24b108a5350a5fbe9"
        },
        {
          "url": "https://git.kernel.org/stable/c/957e8be112636d9bc692917286e81e54bd87decc"
        },
        {
          "url": "https://git.kernel.org/stable/c/1d7def97e7eb65865ccc01bbdf4eb9e6bbe8a5b5"
        },
        {
          "url": "https://git.kernel.org/stable/c/748ebd8e61d0bc182c331b8df3887af7285c8a8f"
        },
        {
          "url": "https://git.kernel.org/stable/c/e791bf216c9e236b34dabf514ec0ede140cca719"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ca84f6a22d50bf8b31efe9eb05f9859947266d7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c95c8f0959d0a72575eabf2ff888f47ed6d8b77"
        },
        {
          "url": "https://git.kernel.org/stable/c/f063a28002e3350088b4577c5640882bf4ea17ea"
        }
      ],
      "title": "iio: light: opt3001: fix deadlock due to concurrent flag access",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37968",
    "datePublished": "2025-05-20T16:47:16.051Z",
    "dateReserved": "2025-04-16T04:51:23.974Z",
    "dateUpdated": "2025-11-03T17:32:49.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-37968\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-05-20T17:15:47.250\",\"lastModified\":\"2025-11-03T18:15:56.750\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\niio: light: opt3001: fix deadlock due to concurrent flag access\\n\\nThe threaded IRQ function in this driver is reading the flag twice: once to\\nlock a mutex and once to unlock it. Even though the code setting the flag\\nis designed to prevent it, there are subtle cases where the flag could be\\ntrue at the mutex_lock stage and false at the mutex_unlock stage. This\\nresults in the mutex not being unlocked, resulting in a deadlock.\\n\\nFix it by making the opt3001_irq() code generally more robust, reading the\\nflag into a variable and using the variable value at both stages.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: light: opt3001: correcci\u00f3n de interbloqueo debido al acceso simult\u00e1neo a indicadores. La funci\u00f3n IRQ enhebrada de este controlador lee el indicador dos veces: una para bloquear un mutex y otra para desbloquearlo. Aunque el c\u00f3digo que configura el indicador est\u00e1 dise\u00f1ado para evitarlo, existen casos sutiles en los que el indicador podr\u00eda ser verdadero en la etapa mutex_lock y falso en la etapa mutex_unlock. Esto provoca que el mutex no se desbloquee, lo que genera un interbloqueo. Para solucionarlo, haga que el c\u00f3digo opt3001_irq() sea generalmente m\u00e1s robusto, leyendo el indicador en una variable y utilizando el valor de la variable en ambas etapas.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1d7def97e7eb65865ccc01bbdf4eb9e6bbe8a5b5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2c95c8f0959d0a72575eabf2ff888f47ed6d8b77\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/748ebd8e61d0bc182c331b8df3887af7285c8a8f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7ca84f6a22d50bf8b31efe9eb05f9859947266d7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/957e8be112636d9bc692917286e81e54bd87decc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a9c56ccb7cddfca754291fb24b108a5350a5fbe9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e791bf216c9e236b34dabf514ec0ede140cca719\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f063a28002e3350088b4577c5640882bf4ea17ea\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.