{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-37897", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.964Z", "datePublished": "2025-05-20T15:21:33.372Z", "dateUpdated": "2025-05-26T05:23:16.020Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-26T05:23:16.020Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac->lock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac->lock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac->lock\nunlock it just after it was held. There is also no need to hold mac->lock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac->flags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n <TASK>\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n </TASK>\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/purelifi/plfxlc/mac.c"], "versions": [{"version": "68d57a07bfe5bb29b80cd8b8fa24c9d1ea104124", "lessThan": "93d646911be1e5be20d4f5d6c48359464cef0097", "status": "affected", "versionType": "git"}, {"version": "68d57a07bfe5bb29b80cd8b8fa24c9d1ea104124", "lessThan": "36a9a2647810e57e704dde59abdf831380ca9102", "status": "affected", "versionType": "git"}, {"version": "68d57a07bfe5bb29b80cd8b8fa24c9d1ea104124", "lessThan": "791a2d9e87c411aec0b9b2fb735fd15e48af9de9", "status": "affected", "versionType": "git"}, {"version": "68d57a07bfe5bb29b80cd8b8fa24c9d1ea104124", "lessThan": "9ecb4af39f80cdda3e57825923243ec11e48be6b", "status": "affected", "versionType": "git"}, {"version": "68d57a07bfe5bb29b80cd8b8fa24c9d1ea104124", "lessThan": "0fb15ae3b0a9221be01715dac0335647c79f3362", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/purelifi/plfxlc/mac.c"], "versions": [{"version": "5.19", "status": "affected"}, {"version": "0", "lessThan": "5.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.138", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.90", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.28", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14.6", "lessThanOrEqual": "6.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.1.138"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.6.90"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.12.28"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.14.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.15"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/93d646911be1e5be20d4f5d6c48359464cef0097"}, {"url": "https://git.kernel.org/stable/c/36a9a2647810e57e704dde59abdf831380ca9102"}, {"url": "https://git.kernel.org/stable/c/791a2d9e87c411aec0b9b2fb735fd15e48af9de9"}, {"url": "https://git.kernel.org/stable/c/9ecb4af39f80cdda3e57825923243ec11e48be6b"}, {"url": "https://git.kernel.org/stable/c/0fb15ae3b0a9221be01715dac0335647c79f3362"}], "title": "wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac->lock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac->lock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac->lock\nunlock it just after it was held. There is also no need to hold mac->lock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac->flags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n <TASK>\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n </TASK>\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."}], "id": "CVE-2025-37897", "lastModified": "2025-05-21T20:25:16.407", "metrics": {}, "published": "2025-05-20T16:15:26.067", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0fb15ae3b0a9221be01715dac0335647c79f3362"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/36a9a2647810e57e704dde59abdf831380ca9102"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/791a2d9e87c411aec0b9b2fb735fd15e48af9de9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/93d646911be1e5be20d4f5d6c48359464cef0097"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9ecb4af39f80cdda3e57825923243ec11e48be6b"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release", "id": "2367519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367519"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\nplfxlc_mac_release() asserts that mac->lock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac->lock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac->lock\nunlock it just after it was held. There is also no need to hold mac->lock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac->flags, which is modified atomically.\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n<TASK>\nprobe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\nusb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\nreally_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n__driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\ndriver_probe_device+0x50/0x420 drivers/base/dd.c:815\n__device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\nbus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n__device_attach+0x359/0x570 drivers/base/dd.c:1015\nbus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\ndevice_add+0xb48/0xfd0 drivers/base/core.c:3696\nusb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\nusb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\nusb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\nreally_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n__driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\ndriver_probe_device+0x50/0x420 drivers/base/dd.c:815\n__device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\nbus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n__device_attach+0x359/0x570 drivers/base/dd.c:1015\nbus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\ndevice_add+0xb48/0xfd0 drivers/base/core.c:3696\nusb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\nhub_port_connect drivers/usb/core/hub.c:5477 [inline]\nhub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\nport_event drivers/usb/core/hub.c:5773 [inline]\nhub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\nprocess_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\nworker_thread+0xa47/0x1200 kernel/workqueue.c:2439\nkthread+0x28d/0x320 kernel/kthread.c:376\nret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n</TASK>\n================================================================\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."], "name": "CVE-2025-37897", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-37897\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-37897\nhttps://lore.kernel.org/linux-cve-announce/2025052054-CVE-2025-37897-3146@gregkh/T"], "threat_severity": "Moderate"}