CVE-2025-37833: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads

Fix niu_try_msix() to not cause a fatal trap on sparc systems.

Set PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to work around a bug in the hardware or firmware.

For each vector entry in the msix table, niu chips will cause a fatal trap if any registers in that entry are read before that entry's ENTRY_DATA register is written to. Testing indicates writes to other registers are not sufficient to prevent the fatal trap, however the value does not appear to matter. This only needs to happen once after power up, so simply rebooting into a kernel lacking this fix will NOT cause the trap.

    NON-RESUMABLE ERROR: Reporting on cpu 64
    NON-RESUMABLE ERROR: TPC [0x00000000005f6900] <msix_prepare_msi_desc+0x90/0xa0>
    NON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff
    NON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]
    NON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]
    NON-RESUMABLE ERROR: type [precise nonresumable]
    NON-RESUMABLE ERROR: attrs [0x02000080] < ASI sp-faulted priv >
    NON-RESUMABLE ERROR: raddr [0xffffffffffffffff]
    NON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]
    NON-RESUMABLE ERROR: size [0x8]
    NON-RESUMABLE ERROR: asi [0x00]
    CPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63
    Workqueue: events work_for_cpu_fn
    TSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted
    TPC: <msix_prepare_msi_desc+0x90/0xa0>
    g0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100
    g4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000
    o0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620
    o4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128
    RPC: <__pci_enable_msix_range+0x3cc/0x460>
    l0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020
    l4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734
    i0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d
    i4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0
    I7: <niu_try_msix.constprop.0+0xc0/0x130 [niu]>
    Call Trace:
    [<00000000101888b0>] niu_try_msix.constprop.0+0xc0/0x130 [niu]
    [<000000001018f840>] niu_get_invariants+0x183c/0x207c [niu]
    [<00000000101902fc>] niu_pci_init_one+0x27c/0x2fc [niu]
    [<00000000005ef3e4>] local_pci_probe+0x28/0x74
    [<0000000000469240>] work_for_cpu_fn+0x8/0x1c
    [<000000000046b008>] process_scheduled_works+0x144/0x210
    [<000000000046b518>] worker_thread+0x13c/0x1c0
    [<00000000004710e0>] kthread+0xb8/0xc8
    [<00000000004060c8>] ret_from_fork+0x1c/0x2c
    [<0000000000000000>] 0x0
    Kernel panic - not syncing: Non-resumable error.
AI Analysis
Technical Summary
CVE-2025-37833 is a vulnerability in the Linux kernel affecting the NIU (Network Interface Unit) driver, specifically related to the handling of MSI-X (Message Signaled Interrupts - Extended) entry data on SPARC architecture systems. The issue arises because the NIU driver does not properly initialize or 'touch' the ENTRY_DATA fields of MSI-X vectors before reading from them. This improper handling can cause a fatal trap, leading to a kernel panic and system crash. The vulnerability is triggered when the driver reads registers in an MSI-X table entry before the ENTRY_DATA register for that entry has been written to. Testing shows that writing to other registers is insufficient to prevent the fatal trap; the ENTRY_DATA register must be written at least once after power-up to avoid the issue. The problem is hardware or firmware-related, requiring a software workaround implemented by setting the PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST flag on the pci_dev structure. The kernel patch fixes the niu_try_msix() function to ensure this initialization occurs, preventing the fatal trap. This vulnerability is specific to SPARC systems using the NIU network driver and affects certain Linux kernel versions prior to the fix. Exploitation leads to a non-resumable error, causing a kernel panic and complete system unavailability. The vulnerability does not require user interaction or authentication but is limited to systems with the affected hardware and kernel versions. No known exploits are currently in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations running Linux on SPARC-based hardware with NIU network interfaces, this vulnerability poses a significant risk of system crashes and downtime. The kernel panic triggered by this flaw results in immediate loss of availability of affected systems, which could disrupt critical network services, especially in data centers, telecom infrastructure, or specialized industrial environments relying on SPARC servers. While confidentiality and integrity impacts are minimal since this is a denial-of-service condition, the availability impact can be severe. Organizations with high-availability requirements or those operating critical infrastructure could face operational interruptions, potential financial losses, and reputational damage. Recovery requires system reboot and patching, but rebooting without the fix does not prevent recurrence. The vulnerability's hardware specificity limits its scope, but affected systems may be in use in niche sectors such as telecommunications, research institutions, or legacy enterprise environments within Europe.
Mitigation Recommendations
1. Immediate application of the Linux kernel patch that sets the PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST flag and fixes the niu_try_msix() function is essential to prevent the fatal trap.
2. Identify and inventory all SPARC-based Linux systems using the NIU driver within the organization to assess exposure.
3. Schedule maintenance windows to update affected systems to a patched kernel version, ensuring minimal disruption.
4. Implement monitoring for kernel panic logs and non-resumable errors related to MSI-X handling to detect potential exploitation or triggering of the vulnerability.
5. For environments where patching is delayed, consider isolating affected systems from critical network segments to reduce impact.
6. Engage with hardware vendors for firmware updates that might address underlying hardware or firmware bugs contributing to this issue.
7. Develop incident response plans for rapid recovery from kernel panics, including automated reboot procedures and alerting mechanisms.
8. Avoid rebooting affected systems into unpatched kernels, as this does not resolve the issue and may lead to repeated crashes.
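For the monitoring step in the list above, here is an added example (not part of the original advisory or the kernel patch): a Python function that scans captured console output for the signature quoted in the description, namely a non-resumable error whose TPC is in msix_prepare_msi_desc with niu_try_msix in the call trace. The sample log is constructed from that trace; the timestamps and the second, unrelated trap (`example_other_fn`) are made up.

```python
import re

# Markers taken from the panic text quoted in the CVE description.
TRAP = re.compile(r"NON-RESUMABLE ERROR: TPC \[0x[0-9a-f]+\] <(\S+?)\+0x")
FRAME = re.compile(r"\[<[0-9a-f]+>\]\s+(\S+?)\+0x")
PANIC = "Kernel panic - not syncing: Non-resumable error"


def find_niu_msix_traps(lines):
    """Return one dict per non-resumable error report matching this CVE."""
    reports, cur = [], None
    for n, line in enumerate(lines, 1):
        m = TRAP.search(line)
        if m:  # a new error report starts here
            cur = {"line": n, "tpc": m.group(1), "frames": [], "panic": False}
            reports.append(cur)
            continue
        if cur is None:
            continue
        f = FRAME.search(line)
        if f:
            cur["frames"].append(f.group(1))
        elif PANIC in line:  # report ends with the panic line
            cur["panic"] = True
            cur = None
    # Signature: trap inside the MSI-X descriptor setup, reached from niu.
    return [r for r in reports
            if r["tpc"] == "msix_prepare_msi_desc"
            and any(fr.startswith("niu_try_msix") for fr in r["frames"])]


# Constructed sample: first report mirrors the advisory, second is unrelated.
SAMPLE = """\
[   12.1] NON-RESUMABLE ERROR: Reporting on cpu 64
[   12.1] NON-RESUMABLE ERROR: TPC [0x00000000005f6900] <msix_prepare_msi_desc+0x90/0xa0>
[   12.1] NON-RESUMABLE ERROR: type [precise nonresumable]
[   12.1] Call Trace:
[   12.1] [<00000000101888b0>] niu_try_msix.constprop.0+0xc0/0x130 [niu]
[   12.1] [<00000000101902fc>] niu_pci_init_one+0x27c/0x2fc [niu]
[   12.1] Kernel panic - not syncing: Non-resumable error.
[   40.0] NON-RESUMABLE ERROR: TPC [0x0000000000400000] <example_other_fn+0x10/0x20>
[   40.0] [<0000000000400000>] example_other_fn+0x10/0x20
""".splitlines()

if __name__ == "__main__":
    for hit in find_niu_msix_traps(SAMPLE):
        print(f"line {hit['line']}: niu MSI-X trap, panic={hit['panic']}")
```

Because the machine panics, feed the function output captured off-host, such as a serial console or netconsole log.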
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-04-16T04:51:23.951Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9819c4522896dcbd88d2
Added to database: 5/21/2025, 9:08:41 AM
Last enriched: 7/4/2025, 12:11:58 AM
Last updated: 7/26/2025, 12:20:29 AM