Vulnerability Details
Basic Information
| Title | CVE-2025-37800 |
|---|---|
| Type | cve |
| Published | 2025-05-08T07:15:50 |
| Last Seen | 2025-05-08T07:26:00 |
| CVSS Score | 0.0 () |
CVSS v3 Details
| Attack Vector | |
|---|---|
| Attack Complexity | |
| Privileges Required | |
| User Interaction | |
| Scope | |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
CVE Information
| CVE IDs | CVE-2025-37800 |
|---|---|
| CWE | |
| Bulletin Family | cve |
Description
In the Linux kernel, the following vulnerability has been resolved:
driver core: fix potential NULL pointer dereference in dev_uevent()
If userspace reads “uevent” device attribute at the same time as another
threads unbinds the device from its driver, change to dev->driver from a
valid pointer to NULL may result in crash. Fix this by using READ_ONCE()
when fetching the pointer, and take bus’ drivers klist lock to make sure
driver instance will not disappear while we access it.
Use WRITE_ONCE() when setting the driver pointer to ensure there is no
tearing.
Impact Assessment
| Base Score | 0.0 |
|---|---|
| Severity |