PT-2025-22194 · Linux+5 · Linux Kernel+5

Published

2025-05-01

·

Updated

2026-04-20

·

CVE-2025-37933

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A host hang issue occurs during device reboot in the Linux kernel when the host loses heartbeat messages from the device. The driver calls the device-specific ndo stop function, which frees resources. If the driver is unloaded in this scenario, it calls ndo stop again, attempting to free resources that have already been freed. To resolve this, dev close should be called instead of the device-specific stop function, as it internally calls ndo stop to stop the network interface and performs additional cleanup tasks.
Recommendations For the Linux kernel, to resolve the host hang issue, dev close should be called instead of the device-specific stop function during the driver unload process. As a temporary workaround, consider restricting the unload of the driver when the device is already down to minimize the risk of exploitation.

Exploit

Fix

Double Free

Multiple Releases of Same Resource or Handle

Weakness Enumeration

CWE-415CWE-1341

Related Identifiers

BDU:2025-11902
CVE-2025-37933
MGASA-2025-0182
MGASA-2025-0183
OESA-2025-1823
OESA-2025-1824
OESA-2025-1870
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02538-1
USN-7649-1
USN-7649-2
USN-7650-1
USN-7665-1
USN-7665-2
USN-7721-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu