CVE-2025-37746 – A Linux kernel vulnerability in the perf/dwc

Q: What is the severity of CVE-2025-37746?

CVE-2025-37746 has a CVSS score of 5.5 (MEDIUM). A Linux kernel vulnerability in the perf/dwc_pcie driver causes duplicate pci_dev devices during platform_device_register, leading to memory corruption. This affects systems using the affected kernel versions with the perf/dwc_pcie driver loaded. The corruption can cause system instability or crashes.

📋 TL;DR

A Linux kernel vulnerability in the perf/dwc_pcie driver causes duplicate pci_dev devices during platform_device_register, leading to memory corruption. This affects systems using the affected kernel versions with the perf/dwc_pcie driver loaded. The corruption can cause system instability or crashes.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected versions not explicitly stated in CVE, but patches exist in stable kernel trees.

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ✅ No

Notes: Only vulnerable if the perf/dwc_pcie driver is loaded and used. Many systems may not have this driver active.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash due to list corruption, potentially leading to denial of service or data loss.

🟠

Likely Case

System instability, kernel crashes, or performance monitoring failures in systems using the affected driver.

🟢

If Mitigated

Minimal impact if the driver is not loaded or system is patched.

🌐 Internet-Facing: LOW - This is a kernel-level driver issue not directly exposed to network interfaces.

🏢 Internal Only: MEDIUM - Affects system stability but requires local access or specific driver usage.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires triggering the specific driver functionality and would likely cause system instability rather than privilege escalation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits 7f35b429802a8065aa61e2a3f567089649f4d98e and a71c6fc87b2b9905dc2e38887fe4122287216be9)

Vendor Advisory: https://git.kernel.org/stable/c/7f35b429802a8065aa61e2a3f567089649f4d98e

Restart Required: Yes

Instructions:

1. Update to a patched kernel version from your distribution vendor. 2. Reboot the system to load the new kernel.

🔧 Temporary Workarounds

Disable perf/dwc_pcie driver

linux

Prevent loading of the vulnerable driver module

echo 'blacklist dwc_pcie' >> /etc/modprobe.d/blacklist.conf
rmmod dwc_pcie

🧯 If You Can't Patch

Ensure the dwc_pcie driver is not loaded on affected systems
Monitor system logs for kernel panics or instability related to PCI devices

🔍 How to Verify

Check if Vulnerable:

Check if dwc_pcie driver is loaded: lsmod | grep dwc_pcie

Check Version:

uname -r

Verify Fix Applied:

Check kernel version against patched versions from your distribution vendor

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
PCI device errors in dmesg
System instability/crashes

Network Indicators:

None - this is a local driver issue

SIEM Query:

Search for kernel panic events or PCI-related errors in system logs

📊 Metadata

CVE ID: CVE-2025-37746

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-704

EPSS Score: 0.03% exploit probability (9.6th percentile)

Published: May 1, 2025

Last Updated: November 5, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-37746, you might also want to check these: