CVE-2025-37887 pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result

🗓️ 09 May 2025 06:45:49Reported by LinuxType

Fixed vulnerability CVE-2025-37887 in Linux kernel to handle unsupported firmware control command.

Reporter	Title	Published	Views	Family All 194
AstraLinux	Astra Linux – Vulnerability in Linux 5.10	3 May 202623:59	–	astralinux
Tenable Nessus	Azure Linux 3.0 Security Update: kernel (CVE-2025-37887)	22 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20480)	18 Jul 202500:00	–	nessus
Tenable Nessus	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20530)	19 Aug 202500:00	–	nessus
Tenable Nessus	Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-25757)	12 Nov 202500:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : kernel (SUSE-SU-2025:01919-1)	27 Jun 202500:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2025:01951-1)	27 Jun 202500:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:01964-1)	27 Jun 202500:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:01965-1)	27 Jun 202500:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : kernel (SUSE-SU-2025:01967-1)	27 Jun 202500:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/amd/pds_core/devlink.c"
    ],
    "versions": [
      {
        "version": "45d76f492938cdc27ddadc16e1e75103f4cfbf56",
        "lessThan": "cdd784c96fe2e5edbf0ed9b3e96fe776e8092385",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "45d76f492938cdc27ddadc16e1e75103f4cfbf56",
        "lessThan": "6702f5c6b22deaa95bf84f526148174a160a02cb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "45d76f492938cdc27ddadc16e1e75103f4cfbf56",
        "lessThan": "12a4651a80dbe4589a84e26785fbbe1ed4d043b7",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "45d76f492938cdc27ddadc16e1e75103f4cfbf56",
        "lessThan": "2567daad69cd1107fc0ec29b1615f110d7cf7385",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/amd/pds_core/devlink.c"
    ],
    "versions": [
      {
        "version": "6.4",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.4",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.89",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.26",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.14.5",
        "lessThanOrEqual": "6.14.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.15",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/6702f5c6b22deaa95bf84f526148174a160a02cb
git	www.git.kernel.org/stable/c/12a4651a80dbe4589a84e26785fbbe1ed4d043b7
git	www.git.kernel.org/stable/c/cdd784c96fe2e5edbf0ed9b3e96fe776e8092385
git	www.git.kernel.org/stable/c/2567daad69cd1107fc0ec29b1615f110d7cf7385

11 May 2026 21:17Current

EPSS0.0022

cve vulnerability linux kernel firmware command crash stack initialization