Linux Kernel Vulnerability in ST LSM6DSX IMU Device
CVE-2025-37969

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 20 May 2025

What is CVE-2025-37969?

A vulnerability exists in the Linux kernel concerning the ST LSM6DSX IMU device that can lead to a potential system lockup. The issue arises when the function st_lsm6dsx_read_tagged_fifo enters an infinite loop if the pattern length is set to zero while the device FIFO remains non-empty. This can cause significant performance degradation and needs urgent attention to prevent disruption of system operations.

Affected Version(s)

Linux 801a6e0af0c6cedca2e99155e343ad385a50f08e < 4db7d923a8c298788181b796f71adf6ca499f966

Linux 801a6e0af0c6cedca2e99155e343ad385a50f08e < 76727a1d81afde77d21ea8feaeb12d34605be6f4

Linux 801a6e0af0c6cedca2e99155e343ad385a50f08e < 35b8c0a284983b71d92d082c54b7eb655ed4194f

References

https://git.kernel.org/stable/c/4db7d923a8c298788181b796f...

https://git.kernel.org/stable/c/76727a1d81afde77d21ea8fea...

https://git.kernel.org/stable/c/35b8c0a284983b71d92d082c5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025
Vulnerability Reserved
Apr 16, 2025