CVE-2025-37935

high

Description

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM If the mtk_poll_rx() function detects the MTK_RESETTING flag, it will jump to release_desc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtk_rx_clean will process an incorrect SDP, leading to a panic. Add patch from MediaTek's SDK to resolve this.

References

https://git.kernel.org/stable/c/cb625f783f70dc6614f03612b8e64ad99cb0a13c

https://git.kernel.org/stable/c/6e0490fc36cdac696f96e57b61d93b9ae32e0f4c

https://git.kernel.org/stable/c/67619cf69dec5d1d7792808dfa548616742dd51d

https://git.kernel.org/stable/c/317013d1ad13524be02d60b9e98f08fbd13f8c14

Details

Source: Mitre, NVD

Published: 2025-05-20

Updated: 2025-05-21

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018