Memory Corruption Vulnerability in Linux Kernel's Smartpqi Driver
CVE-2025-37981

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 20 May 2025

What is CVE-2025-37981?

A vulnerability in the smartpqi driver of the Linux kernel has been identified, which affects the proper functioning of kexec reboots. The driver currently relies on the reset_devices variable, leading to inappropriate adjustments in parameters like max_transfer_size after rebooting. This has resulted in memory corruption when the driver log writes to system memory post-kexec. A solution is provided by implementing checks using is_kdump_kernel() instead, ensuring appropriate behavior during kexec operations and preventing these critical issues.

Affected Version(s)

Linux 058311b72f54890de824b063feb603942269b732 < 7cc670e8ebaa5241dd99c0ad75eceb8f8f64f607

Linux 058311b72f54890de824b063feb603942269b732

References

https://git.kernel.org/stable/c/7cc670e8ebaa5241dd99c0ad7...

https://git.kernel.org/stable/c/ebf673c76ce91e612a882dfaa...

https://git.kernel.org/stable/c/a2d5a0072235a69749ceb04c1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025
Vulnerability Reserved
Apr 16, 2025