CVE-2025-37745: Vulnerability in Linux Linux

Medium
Published: Thu May 01 2025 (05/01/2025, 12:55:52 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()

syzbot reported a deadlock in lock_system_sleep() (see below).

The write operation to "/sys/module/hibernate/parameters/compressor" conflicts with the registration of ieee80211 device, resulting in a deadlock when attempting to acquire system_transition_mutex under param_lock.

To avoid this deadlock, change hibernate_compressor_param_set() to use mutex_trylock() for attempting to acquire system_transition_mutex and return -EBUSY when it fails.

Task flags need not be saved or adjusted before calling mutex_trylock(&system_transition_mutex) because the caller is not going to end up waiting for this mutex and if it runs concurrently with system suspend in progress, it will be frozen properly when it returns to user space.

syzbot report:

syz-executor895/5833 is trying to acquire lock:
ffffffff8e0828c8 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 kernel/power/main.c:56

but task is already holding lock:
ffffffff8e07dc68 (param_lock){+.+.}-{4:4}, at: kernel_param_lock kernel/params.c:607 [inline]
ffffffff8e07dc68 (param_lock){+.+.}-{4:4}, at: param_attr_store+0xe6/0x300 kernel/params.c:586

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #3 (param_lock){+.+.}-{4:4}:
       __mutex_lock_common kernel/locking/mutex.c:585 [inline]
       __mutex_lock+0x19b/0xb10 kernel/locking/mutex.c:730
       ieee80211_rate_control_ops_get net/mac80211/rate.c:220 [inline]
       rate_control_alloc net/mac80211/rate.c:266 [inline]
       ieee80211_init_rate_ctrl_alg+0x18d/0x6b0 net/mac80211/rate.c:1015
       ieee80211_register_hw+0x20cd/0x4060 net/mac80211/main.c:1531
       mac80211_hwsim_new_radio+0x304e/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5558
       init_mac80211_hwsim+0x432/0x8c0 drivers/net/wireless/virtual/mac80211_hwsim.c:6910
       do_one_initcall+0x128/0x700 init/main.c:1257
       do_initcall_level init/main.c:1319 [inline]
       do_initcalls init/main.c:1335 [inline]
       do_basic_setup init/main.c:1354 [inline]
       kernel_init_freeable+0x5c7/0x900 init/main.c:1568
       kernel_init+0x1c/0x2b0 init/main.c:1457
       ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:148
       ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

-> #2 (rtnl_mutex){+.+.}-{4:4}:
       __mutex_lock_common kernel/locking/mutex.c:585 [inline]
       __mutex_lock+0x19b/0xb10 kernel/locking/mutex.c:730
       wg_pm_notification drivers/net/wireguard/device.c:80 [inline]
       wg_pm_notification+0x49/0x180 drivers/net/wireguard/device.c:64
       notifier_call_chain+0xb7/0x410 kernel/notifier.c:85
       notifier_call_chain_robust kernel/notifier.c:120 [inline]
       blocking_notifier_call_chain_robust kernel/notifier.c:345 [inline]
       blocking_notifier_call_chain_robust+0xc9/0x170 kernel/notifier.c:333
       pm_notifier_call_chain_robust+0x27/0x60 kernel/power/main.c:102
       snapshot_open+0x189/0x2b0 kernel/power/user.c:77
       misc_open+0x35a/0x420 drivers/char/misc.c:179
       chrdev_open+0x237/0x6a0 fs/char_dev.c:414
       do_dentry_open+0x735/0x1c40 fs/open.c:956
       vfs_open+0x82/0x3f0 fs/open.c:1086
       do_open fs/namei.c:3830 [inline]
       path_openat+0x1e88/0x2d80 fs/namei.c:3989
       do_filp_open+0x20c/0x470 fs/namei.c:4016
       do_sys_openat2+0x17a/0x1e0 fs/open.c:1428
       do_sys_open fs/open.c:1443 [inline]
       __do_sys_openat fs/open.c:1459 [inline]
       __se_sys_openat fs/open.c:1454 [inline]
       __x64_sys_openat+0x175/0x210 fs/open.c:1454
       do_syscall_x64 arch/x86/entry/common.c:52 [inline]
       do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
       entry_SYSCALL_64_after_hwframe+0x77/0x7f

-> #1 ((pm_chain_head).rwsem){++++}-{4:4}:
       down_read+0x9a/0x330 kernel/locking/rwsem.c:1524
       blocking_notifier_call_chain_robust kerne
---truncated---

AI-Powered Analysis

Last updated: 07/03/2025, 22:26:54 UTC

Technical Analysis

CVE-2025-37745 is a concurrency vulnerability in the Linux kernel's power management subsystem, specifically related to the hibernate functionality. The issue arises from a deadlock condition triggered when a write operation to the sysfs parameter "/sys/module/hibernate/parameters/compressor" conflicts with the registration of an ieee80211 wireless device. The deadlock occurs due to improper locking order and dependency between two mutexes: system_transition_mutex and param_lock. When the hibernate_compressor_param_set() function attempts to acquire system_transition_mutex while already holding param_lock, and concurrently the ieee80211 device registration path tries to acquire param_lock while holding system_transition_mutex, a circular wait condition arises, causing a deadlock. The fix involves modifying hibernate_compressor_param_set() to use mutex_trylock() on system_transition_mutex and return -EBUSY if the lock cannot be immediately acquired, thus avoiding blocking and preventing the deadlock. This change ensures that if the system is in the middle of a suspend or hibernate transition, the parameter update will fail gracefully rather than causing a system hang. The vulnerability was identified and reported by syzbot, an automated kernel fuzzer, and affects Linux kernel versions identified by the given commit hashes. The deadlock is triggered during concurrent operations involving system suspend and wireless device initialization, which are common in many Linux-based systems. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
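The trylock pattern described above, as an added user-space example (not the kernel patch and not code from this page): pthread mutexes stand in for param_lock and system_transition_mutex, reducing the reported lock chain to the two locks the fix touches. param_store(), store_during_transition(), current_compressor() and the sample compressor names are assumptions made for illustration.

```c
/* User-space analogue of the trylock fix; pthread mutexes stand in for the
 * kernel mutexes. Function names and compressor values are illustrative. */
#include <errno.h>
#include <pthread.h>
#include <stdio.h>
#include <string.h>

static pthread_mutex_t param_lock = PTHREAD_MUTEX_INITIALIZER;
static pthread_mutex_t system_transition_mutex = PTHREAD_MUTEX_INITIALIZER;
static char compressor[16] = "lzo";            /* constructed sample value */

/* Setter; runs with param_lock already held by the store path. */
static int compressor_param_set(const char *val)
{
    /* Never sleep on system_transition_mutex under param_lock: try once,
     * and report -EBUSY to the writer if a transition owns the mutex. */
    if (pthread_mutex_trylock(&system_transition_mutex) != 0)
        return -EBUSY;
    snprintf(compressor, sizeof(compressor), "%s", val);
    pthread_mutex_unlock(&system_transition_mutex);
    return 0;
}

/* Stand-in for the sysfs write path: take param_lock, call the setter. */
int param_store(const char *val)
{
    pthread_mutex_lock(&param_lock);
    int ret = compressor_param_set(val);
    pthread_mutex_unlock(&param_lock);
    return ret;
}

/* A write that arrives while a sleep transition holds the mutex. With a
 * blocking lock in the setter this call would never return. */
int store_during_transition(const char *val)
{
    pthread_mutex_lock(&system_transition_mutex);
    int ret = param_store(val);
    pthread_mutex_unlock(&system_transition_mutex);
    return ret;
}

const char *current_compressor(void) { return compressor; }

int main(void)
{
    printf("during transition: %d\n", store_during_transition("lz4"));
    printf("idle: %d, compressor=%s\n", param_store("lz4"), current_compressor());
    return 0;
}
```

A writer that receives -EBUSY has changed nothing and can retry once the transition has finished.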

Potential Impact

For European organizations, this vulnerability could lead to system hangs or freezes during power management operations, particularly when hibernation is used alongside wireless device initialization or configuration changes. This can affect server uptime, workstation availability, and embedded systems relying on Linux kernel power management. In critical infrastructure, industrial control systems, or telecommunications equipment running Linux, such deadlocks could cause denial of service conditions, impacting operational continuity. Although the vulnerability does not directly lead to privilege escalation or data leakage, the availability impact can disrupt business processes, especially in environments with automated suspend/resume cycles or frequent wireless device reconfigurations. Systems that rely heavily on hibernation to save power or maintain state may be more susceptible. The lack of known exploits reduces immediate risk, but the potential for system hangs necessitates timely patching to maintain reliability and prevent operational disruptions.

Mitigation Recommendations

European organizations should prioritize updating their Linux kernels to versions containing the fix for CVE-2025-37745. Since the fix involves kernel code changes, applying official kernel patches or upgrading to a fixed kernel release is essential. For environments where immediate patching is not feasible, organizations can mitigate risk by minimizing concurrent operations that trigger the deadlock, such as avoiding parameter changes to the hibernate compressor during wireless device initialization or system suspend transitions. Monitoring system logs for signs of deadlock or hangs related to power management and wireless device events can help detect attempted exploitation or triggering conditions. Additionally, organizations should review and test power management configurations and wireless device drivers to ensure compatibility with updated kernels. For embedded or specialized Linux distributions, vendors should be contacted to obtain patched kernel versions. Implementing robust system monitoring and automated reboot mechanisms can reduce downtime impact if a deadlock occurs before patching.

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-04-16T04:51:23.936Z
Cisa Enriched: false
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9832c4522896dcbe82e0

Added to database: 5/21/2025, 9:09:06 AM

Last enriched: 7/3/2025, 10:26:54 PM

Last updated: 7/29/2025, 9:07:35 PM
