CVE-2025-37819 – “Linux Kernel GICv2m Use After Free Vulnerability in irqchip”

May 8, 2025

CVE ID : CVE-2025-37819

Published : May 8, 2025, 7:15 a.m. | 58 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()

With ACPI in place, gicv2m_get_fwnode() is registered with the pci
subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime
during a PCI host bridge probe. But, the call back is wrongly marked as
__init, causing it to be freed, while being registered with the PCI
subsystem and could trigger:

Unable to handle kernel paging request at virtual address ffff8000816c0400
gicv2m_get_fwnode+0x0/0x58 (P)
pci_set_bus_msi_domain+0x74/0x88
pci_register_host_bridge+0x194/0x548

This is easily reproducible on a Juno board with ACPI boot.

Retain the function for later use.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-37823 – Linux Kernel Net-Sched HFSC Use-After-Free Vulnerability

Next Article CVE-2025-37827 – Here is a title for the vulnerability: “btrfs: RAID1 Profile Write Pointer Offset Mismatch NULL Pointer Dereference”

Highlights

CVE-2025-1551 – IBM Operational Decision Manager Cross-Site Scripting Vulnerability

April 29, 2025

CVE ID : CVE-2025-1551

Published : April 29, 2025, 4:15 p.m. | 31 minutes ago

Description : IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, and 9.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

I recommend this Chromebook over many Windows laptops that cost twice as much

Why I recommend this flagship TCL TV over OLED models that cost more (and don’t regret it)

Finally, a Lenovo ThinkPad that impressed me in performance, design, and battery life

3 productivity gadgets I can’t work without (and why they make such a big difference)

SQL Joins

SQL Joins

Dividing Collections with Laravel’s splitIn Helper

PayHere for Laravel

Distribution Release: IPFire 2.29 Core 195

Distribution Release: IPFire 2.29 Core 195

TeleSculptor – transforms aerial videos and images into Geospatial 3D models

Rilasciato IceWM 3.8: Gestore di Finestre per il Sistema X

CVE-2025-37819 – “Linux Kernel GICv2m Use After Free Vulnerability in irqchip”

Canada says Salt Typhoon hacked telecom firm via Cisco flaw

Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls

CVE-2025-5736 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow

1fr 1fr vs auto auto vs 50% 50%

Enable ESM in Ubuntu 20.04 LTS to Continue Getting Updates

Lost in Translation: How to Overcome Miscommunication Between Clients and Business Analysts

CVE-2025-1551 – IBM Operational Decision Manager Cross-Site Scripting Vulnerability

Agent mode 101: All about GitHub Copilot’s powerful mode

Why Is My Shopify Store So Slow? Performance Optimization Techniques

Microsoft Edge will lose all these features this month

CVE-2025-37819 – “Linux Kernel GICv2m Use After Free Vulnerability in irqchip”

Related Posts