Linux Kernel up to 6.12.25/6.14.4/6.15-rc3 pds_core denial of service

Summaryinfo

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc3. This affects an unknown function of the component pds_core. The manipulation leads to denial of service. This vulnerability is traded as CVE-2025-37987. There is no exploit available. It is advisable to upgrade the affected component.

Detailsinfo

A vulnerability was found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc3. It has been rated as critical. This issue affects an unknown functionality of the component pds_core. The manipulation with an unknown input leads to a denial of service vulnerability. Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. Impacted is availability. The summary by CVE is:

In the Linux kernel, the following vulnerability has been resolved: pds_core: Prevent possible adminq overflow/stuck condition The pds_core's adminq is protected by the adminq_lock, which prevents more than 1 command to be posted onto it at any one time. This makes it so the client drivers cannot simultaneously post adminq commands. However, the completions happen in a different context, which means multiple adminq commands can be posted sequentially and all waiting on completion. On the FW side, the backing adminq request queue is only 16 entries long and the retry mechanism and/or overflow/stuck prevention is lacking. This can cause the adminq to get stuck, so commands are no longer processed and completions are no longer sent by the FW. As an initial fix, prevent more than 16 outstanding adminq commands so there's no way to cause the adminq from getting stuck. This works because the backing adminq request queue will never have more than 16 pending adminq commands, so it will never overflow. This is done by reducing the adminq depth to 16.

It is possible to read the advisory at git.kernel.org. The identification of this vulnerability is CVE-2025-37987 since 04/16/2025. The technical details are unknown and an exploit is not publicly available.

The vulnerability scanner Nessus provides a plugin with the ID 240657 (Ubuntu 25.04 : Linux kernel vulnerabilities (USN-7594-1)), which helps to determine the existence of the flaw in a target environment.

Upgrading to version 6.12.26, 6.14.5 or 6.15-rc4 eliminates this vulnerability. Applying the patch 2982e07ad72b48eb12c29a87a3f2126ea552688c/5e3dc65675faad846420d24762e4faadc12d9392/d9e2f070d8af60f2c8c02b2ddf0a9e90b4e9220c is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.

The vulnerability is also documented in the databases at Tenable (240657), EUVD (EUVD-2025-15865) and CERT Bund (WID-SEC-2025-1114). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Affected

• Debian Linux
• Amazon Linux 2
• Red Hat Enterprise Linux
• Ubuntu Linux
• SUSE Linux
• Oracle Linux
• SUSE openSUSE
• Dell Avamar
• Open Source Linux Kernel
• Dell NetWorker
• Dell Secure Connect Gateway

Productinfo

Type

• Operating System

Vendor

• Linux

Name

• Kernel

Version

• 6.12.0
• 6.12.1
• 6.12.2
• 6.12.3
• 6.12.4
• 6.12.5
• 6.12.6
• 6.12.7
• 6.12.8
• 6.12.9
• 6.12.10
• 6.12.11
• 6.12.12
• 6.12.13
• 6.12.14
• 6.12.15
• 6.12.16
• 6.12.17
• 6.12.18
• 6.12.19
• 6.12.20
• 6.12.21
• 6.12.22
• 6.12.23
• 6.12.24
• 6.12.25
• 6.14.0
• 6.14.1
• 6.14.2
• 6.14.3
• 6.14.4
• 6.15-rc1
• 6.15-rc2
• 6.15-rc3

License

• open-source

Website

• Vendor: https://www.kernel.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion