SB20250509118 - Improper locking in Linux kernel accel ivpu driver
Published: May 9, 2025 Updated: May 10, 2025
Security Bulletin ID
SB20250509118
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2025-37847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ivpu_ms_cleanup() function in drivers/accel/ivpu/ivpu_ms.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/019634f27a16796eab749e8107dae32099945f29
- https://git.kernel.org/stable/c/7d12a7d43c7bab9097ba466581d8db702e7908dc
- https://git.kernel.org/stable/c/9a6f56762d23a1f3af15e67901493c927caaf882
- https://git.kernel.org/stable/c/f996ecc789b5dbaaf38b6ec0a1917821789cbd9c
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.13.12