CVE-2025-37901: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs

On Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not have a corresponding MPM pin and should not be handled inside the MPM driver. The IRQ domain hierarchy is always applied, so it's required to explicitly disconnect the hierarchy for those. The pinctrl-msm driver marks these with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but irq-qcom-mpm is currently missing the check. This is causing crashes when setting up interrupts for non-wake GPIOs:

    root@rb1:~# gpiomon -c gpiochip1 10
    irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1
    Unable to handle kernel paging request at virtual address ffff8000a1dc3820
    Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)
    pc : mpm_set_type+0x80/0xcc
    lr : mpm_set_type+0x5c/0xcc
    Call trace:
     mpm_set_type+0x80/0xcc (P)
     qcom_mpm_set_type+0x64/0x158
     irq_chip_set_type_parent+0x20/0x38
     msm_gpio_irq_set_type+0x50/0x530
     __irq_set_trigger+0x60/0x184
     __setup_irq+0x304/0x6bc
     request_threaded_irq+0xc8/0x19c
     edge_detector_setup+0x260/0x364
     linereq_create+0x420/0x5a8
     gpio_ioctl+0x2d4/0x6c0

Fix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that MPM is removed entirely from the hierarchy for non-wake GPIOs.
AI Analysis
Technical Summary
CVE-2025-37901 is a vulnerability identified in the Linux kernel specifically affecting the Qualcomm MPM (Modem Power Management) interrupt controller driver (irqchip/qcom-mpm). The issue arises because the driver does not properly handle non-wake GPIOs (General Purpose Input/Output pins) on Qualcomm chipsets. Not all GPIOs are wakeup capable; those that are not do not have a corresponding MPM pin and should be excluded from the MPM driver's interrupt handling hierarchy. The pinctrl-msm driver marks these non-wake GPIOs with the GPIO_NO_WAKE_IRQ flag, and the qcom-pdc driver correctly checks for this flag. However, the irq-qcom-mpm driver lacks this check, leading to attempts to handle interrupts for non-wake GPIOs improperly. This results in kernel crashes due to invalid memory access, as demonstrated by kernel paging faults during interrupt setup for such GPIOs. The root cause is that the IRQ domain hierarchy is not explicitly disconnected for non-wake GPIOs in the MPM driver, causing the driver to access invalid memory addresses. The fix involves adding a check for GPIO_NO_WAKE_IRQ in the irq-qcom-mpm driver, effectively removing non-wake GPIOs from the MPM interrupt hierarchy and preventing the crash. This vulnerability affects Linux kernel versions containing the specified commit hashes and is particularly relevant for devices using Qualcomm chipsets with the affected MPM driver implementation. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the impact of CVE-2025-37901 depends largely on their use of Linux-based systems running on Qualcomm chipsets, especially embedded or IoT devices, industrial controllers, or robotics platforms that utilize the affected MPM driver. The vulnerability causes kernel crashes when handling interrupts for non-wake GPIOs, leading to potential denial of service (DoS) conditions. This can disrupt critical operations, cause system instability, or require device reboots, impacting availability. While it does not directly lead to privilege escalation or data leakage, the resulting instability could be exploited as part of a larger attack chain or cause operational downtime. Organizations in sectors such as manufacturing, robotics, telecommunications, and embedded systems development within Europe may be particularly affected. The vulnerability may also impact developers and vendors who build custom Linux kernels for Qualcomm-based hardware. Since no authentication or user interaction is required to trigger the crash (it occurs during interrupt setup), the attack surface includes any process or driver that configures GPIO interrupts, increasing the risk of accidental or malicious triggering. However, the lack of known exploits and the technical specificity of the vulnerability somewhat limit immediate widespread impact.
Mitigation Recommendations
European organizations should take the following specific mitigation steps:

1) Apply the official Linux kernel patches that introduce the GPIO_NO_WAKE_IRQ check in the irq-qcom-mpm driver as soon as they become available. Monitor Linux kernel mailing lists and Qualcomm chipset vendor advisories for updates.
2) For embedded and IoT devices using Qualcomm chipsets, coordinate with hardware vendors to obtain firmware or kernel updates incorporating the fix.
3) Conduct thorough testing of kernel updates in controlled environments to ensure stability and compatibility before deployment.
4) Implement monitoring for kernel crashes and system logs related to GPIO interrupt handling to detect potential exploitation attempts or accidental triggers.
5) Limit access to systems and processes capable of configuring GPIO interrupts to trusted administrators and software components to reduce the risk of malicious triggering.
6) For critical infrastructure and industrial control systems, consider network segmentation and isolation of affected devices to minimize impact in case of a crash.
7) Maintain an inventory of devices running affected Linux kernel versions on Qualcomm chipsets to prioritize patching and risk assessment.

These measures go beyond generic advice by focusing on the specific driver and chipset context of the vulnerability and emphasizing proactive patch management and monitoring.
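For the log monitoring in step 4, the crash trace quoted in the description gives a usable signature: a kernel paging-request fault whose pc is in mpm_set_type, with qcom_mpm_set_type and msm_gpio_irq_set_type in the call trace. The following detector is an added example, not code from the advisory or the kernel; the function name, the 40-line window and the sample log (including its timestamps and the second, unrelated oops) are constructed for illustration.

```python
import re

# Symbols taken from the crash trace quoted in the CVE description.
PC_SYMBOL = "mpm_set_type"
REQUIRED_FRAMES = ("qcom_mpm_set_type", "msm_gpio_irq_set_type")

FAULT_RE = re.compile(r"Unable to handle kernel paging request at virtual address ([0-9a-f]+)")
PC_RE = re.compile(r"\bpc : (\w+)\+0x[0-9a-f]+/0x[0-9a-f]+")
FRAME_RE = re.compile(r"^\s*(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+")
STAMP_RE = re.compile(r"^\[\s*\d+\.\d+\]")  # dmesg "[  101.000001]" prefix

def find_mpm_oops(lines, window=40):
    """Return one record per oops whose pc and call trace match the qcom-mpm crash."""
    lines = [STAMP_RE.sub("", ln) for ln in lines]
    hits = []
    for i, line in enumerate(lines):
        fault = FAULT_RE.search(line)
        if not fault:
            continue
        pc, frames = None, []
        for follow in lines[i + 1 : i + 1 + window]:
            if FAULT_RE.search(follow):
                break  # next oops begins: do not mix the two traces
            pc_match = PC_RE.search(follow)
            frame = FRAME_RE.match(follow)
            if pc_match:
                pc = pc_match.group(1)
            elif frame:
                frames.append(frame.group(1))
        if pc == PC_SYMBOL and all(f in frames for f in REQUIRED_FRAMES):
            hits.append({"fault_address": fault.group(1), "pc": pc, "frames": frames})
    return hits

# Constructed sample: advisory trace with made-up timestamps, then an invented unrelated oops.
SAMPLE_LOG = """\
[  101.000002] Unable to handle kernel paging request at virtual address ffff8000a1dc3820
[  101.000004] pc : mpm_set_type+0x80/0xcc
[  101.000005] lr : mpm_set_type+0x5c/0xcc
[  101.000006] Call trace:
[  101.000007]  mpm_set_type+0x80/0xcc (P)
[  101.000008]  qcom_mpm_set_type+0x64/0x158
[  101.000009]  irq_chip_set_type_parent+0x20/0x38
[  101.000010]  msm_gpio_irq_set_type+0x50/0x530
[  250.000001] Unable to handle kernel paging request at virtual address ffff800012345678
[  250.000002] pc : example_driver_probe+0x10/0x40
[  250.000004]  example_driver_probe+0x10/0x40
""".splitlines()

print(find_mpm_oops(SAMPLE_LOG))
```

Requiring both the pc symbol and the two parent frames keeps unrelated paging faults out of the results; a trace truncated before msm_gpio_irq_set_type is not reported.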
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-04-16T04:51:23.965Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682cd0f71484d88663aeaf43
Added to database: 5/20/2025, 6:59:03 PM
Last enriched: 7/4/2025, 1:24:59 AM
Last updated: 8/14/2025, 10:17:29 AM