PT-2025-20525 · Linux+5 · Linux Kernel+5
Published
2025-04-11
·
Updated
2026-05-26
·
CVE-2025-37875
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to the igc driver in the Linux kernel, where writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. This can be reproduced using the phc2sys command with specific parameters, leading to a "Connection timed out" error when the PTM transaction fails. The problem also causes a hang in igc probe() when loading the igc driver in the kdump kernel on systems supporting PTM. The issue is resolved by clearing the PTM 'trigger' and status after each PTM transaction, which reduces the chances of a crash occurring during a PTM trigger.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu