CVE-2025-37815

misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration

Description

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current interrupt state before handling the interrupt request using generic_handle_irq. A previous fix patch was submitted where 'generic_handle_irq' was replaced with 'handle_nested_irq'. However, this change also causes the kernel panic where after determining which GPIO triggered the interrupt and attempting to call handle_nested_irq with the mapped IRQ number, leads to a failure in locating the registered handler.

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/1263d5f581908602c618c6665e683c4436383a09
https://git.kernel.org/stable/c/62957f58ab3aa7fa792dc6ff3575624062539a4d
https://git.kernel.org/stable/c/12cc2193f2b9548e8ea5fbce8201b44158222edf
https://git.kernel.org/stable/c/4e02059dc91068bc5017b8546f9ec3b930f6d6a6
https://git.kernel.org/stable/c/18eb77c75ed01439f96ae5c0f33461eb5134b907

Frequently Asked Questions

What is the severity of CVE-2025-37815?
CVE-2025-37815 has not yet been assigned a CVSS score.
How to fix CVE-2025-37815?
To fix CVE-2025-37815, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-37815 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-37815 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-37815?
CVE-2025-37815 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.