CVE-2025-37745

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A deadlock vulnerability has been identified in the Linux kernel, specifically in the hibernate compressor param set() function. This issue arises when attempting to acquire the system transition mutex under param lock, resulting in a deadlock. The conflict occurs between the write operation to "/sys/module/hibernate/parameters/compressor" and the registration of the ieee80211 device. To resolve this, the hibernate compressor param set() function has been modified to use mutex trylock() for attempting to acquire system transition mutex, returning -EBUSY when it fails.

Recommendations To avoid this deadlock, consider applying the patch that changes hibernate compressor param set() to use mutex trylock() for attempting to acquire system transition mutex and return -EBUSY when it fails. As a temporary workaround, consider disabling the hibernate compressor param set() function until a patch is available. Restrict access to the /sys/module/hibernate/parameters/compressor module to minimize the risk of exploitation.