CVE-2025-37972: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

Input: mtk-pmic-keys - fix possible null pointer dereference

In mtk_pmic_keys_probe, the regs parameter is only set if the button is parsed in the device tree. However, on hardware where the button is left floating, that node will most likely be removed not to enable that input. In that case the code will try to dereference a null pointer.

Let's use the regs struct instead as it is defined for all supported platforms. Note that it is ok setting the key reg even if that latter is disabled as the interrupt won't be enabled anyway.
AI Analysis
Technical Summary
CVE-2025-37972 is a vulnerability identified in the Linux kernel specifically related to the mtk-pmic-keys driver, which handles power management integrated circuit (PMIC) key inputs on certain MediaTek platforms. The root cause of the vulnerability is a possible null pointer dereference in the function mtk_pmic_keys_probe. This function attempts to set up input keys based on device tree configurations. However, on hardware where the button input is left floating or disabled, the corresponding device tree node is typically removed to prevent enabling that input. In such cases, the regs parameter, which should point to the register structure, remains unset (null). The vulnerable code then attempts to dereference this null pointer, leading to a potential kernel crash or denial of service. The fix involves using a regs struct that is defined for all supported platforms regardless of the device tree node presence. This approach avoids dereferencing a null pointer by always referencing a valid structure, even if the key register is disabled and its interrupt is not enabled. This vulnerability is specific to certain Linux kernel versions identified by the commit hash b581acb49aec5c3b0af9ab1c537fb73481b79069 and affects systems using the MediaTek PMIC keys driver. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The vulnerability primarily risks system stability by causing kernel crashes due to null pointer dereference, which can be triggered without authentication or user interaction if the affected driver is loaded and the hardware configuration matches the described scenario.
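The pattern described above, as an added user-space model that is not the driver's code: a per-key pointer that is filled in only when the key's device tree node is parsed, next to a platform table that is always defined. Every struct, function name and register value below is hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* User-space model of the pattern; every name and value here is hypothetical. */
enum { PWR_KEY, HOME_KEY, NUM_KEYS };

struct key_regs { uint32_t key_reg_mask; };

/* Per-platform register table: defined for every supported platform. */
struct platform_regs { struct key_regs keys[NUM_KEYS]; };

/* Per-key state: regs is filled in only when the key's DT node is parsed. */
struct key_state { const struct key_regs *regs; };
struct pmic_keys { struct key_state keys[NUM_KEYS]; };

/* Constructed sample table. */
static const struct platform_regs sample_regs = {
    .keys = { [PWR_KEY] = { 0x40 }, [HOME_KEY] = { 0x20 } },
};

/* Stand-in for device tree parsing: only keys with a node get a regs pointer. */
static void parse_nodes(struct pmic_keys *k, const struct platform_regs *r,
                        const int *present, size_t n)
{
    for (size_t i = 0; i < NUM_KEYS; i++)
        k->keys[i].regs = NULL;
    for (size_t i = 0; i < n; i++)
        k->keys[present[i]].regs = &r->keys[present[i]];
}

/* Before: reads through the per-key pointer, which is NULL for a removed node. */
static uint32_t key_setup_before(const struct pmic_keys *k)
{
    return k->keys[PWR_KEY].regs->key_reg_mask |
           k->keys[HOME_KEY].regs->key_reg_mask;
}

/* After: reads the platform table, valid whether or not the node exists. */
static uint32_t key_setup_after(const struct platform_regs *r)
{
    return r->keys[PWR_KEY].key_reg_mask | r->keys[HOME_KEY].key_reg_mask;
}

/* True when calling key_setup_before() would dereference NULL. */
static int before_would_fault(const struct pmic_keys *k)
{
    return !k->keys[PWR_KEY].regs || !k->keys[HOME_KEY].regs;
}
```

With both nodes present the two setup functions return the same value; with one node removed, only the table-based version is safe to call.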
Potential Impact
For European organizations, the impact of CVE-2025-37972 centers on system availability and reliability. Systems running vulnerable Linux kernel versions on MediaTek platforms with the mtk-pmic-keys driver could experience kernel panics or crashes, leading to denial of service conditions. This could disrupt critical infrastructure, embedded devices, or enterprise systems that rely on these platforms. Although the vulnerability does not directly expose confidentiality or integrity risks, the resulting downtime could affect operational continuity, especially in sectors like telecommunications, manufacturing, or IoT deployments where MediaTek hardware is prevalent. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to potential future exploitation. European organizations with embedded Linux devices or servers using affected kernels should be aware of this threat to prevent unexpected outages. The vulnerability's exploitation does not require user interaction or authentication, increasing the risk if vulnerable devices are exposed or accessible within internal networks.
Mitigation Recommendations
To mitigate CVE-2025-37972, European organizations should:
1) Identify all Linux systems running the affected kernel versions, particularly those using MediaTek hardware with the mtk-pmic-keys driver.
2) Apply the official Linux kernel patches or updates that address this null pointer dereference vulnerability as soon as they become available.
3) For embedded or IoT devices where kernel updates may be delayed, consider disabling the mtk-pmic-keys driver if the hardware configuration does not require it, thereby eliminating the vulnerable code path.
4) Implement monitoring for kernel crashes or unexpected reboots that could indicate exploitation attempts or trigger conditions.
5) Restrict network access to vulnerable devices to reduce exposure, especially from untrusted networks.
6) Engage with hardware and software vendors to ensure timely updates and support for affected platforms.
These steps go beyond generic advice by focusing on hardware-specific driver management and proactive system inventory and monitoring.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-04-16T04:51:23.975Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682cd0f71484d88663aeae39
Added to database: 5/20/2025, 6:59:03 PM
Last enriched: 7/3/2025, 7:11:27 PM
Last updated: 8/18/2025, 11:32:18 PM