CVE-2025-37917
📋 TL;DR
A race condition vulnerability in the MediaTek Star EMAC network driver for Linux kernels allows spinlock recursion when DMA interrupts are re-enabled during RX/TX polling. This can cause kernel panics and system crashes, affecting systems using MediaTek MT8365 or similar chipsets with the mtk-star-emac driver.
💻 Affected Systems
- Linux kernel with mtk-star-emac driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to complete system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
System instability, network interface failures, or kernel crashes under high network load conditions.
If Mitigated
Minor performance impact or occasional network hiccups if system is lightly loaded.
🎯 Exploit Status
Exploitation requires sending network traffic to trigger the race condition, but specific exploit details are not publicly documented.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in kernel commits: 6fe0866014486736cc3ba1c6fd4606d3dbe55c9c, 7cb10f17bddc415f30fbc00a4e2b490e0d94c462, 8d40bf73fa7f31eac2b0a7c9d85de67df82ee7f3, 94107259f972d2fd896dbbcaa176b3b2451ff9e5, bedd287fdd3142dffad7ae2ac6ef15f4a2ad0629
Vendor Advisory: https://git.kernel.org/stable/c/6fe0866014486736cc3ba1c6fd4606d3dbe55c9c
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load new kernel. 3. Verify driver is using spin_lock_irqsave/spin_unlock_irqrestore instead of spin_lock/spin_unlock.
🔧 Temporary Workarounds
Disable mtk-star-emac driver
linuxRemove or blacklist the vulnerable driver if alternative network interface is available
echo 'blacklist mtk_star_emac' >> /etc/modprobe.d/blacklist.conf
rmmod mtk_star_emac
Limit network traffic
linuxUse traffic shaping to reduce network load on affected interfaces
tc qdisc add dev eth0 root tbf rate 100mbit burst 32kbit latency 400ms
🧯 If You Can't Patch
- Isolate affected systems from untrusted networks
- Implement network monitoring for crash indicators
🔍 How to Verify
Check if Vulnerable:
Check if mtk-star-emac driver is loaded: lsmod | grep mtk_star_emacCheck Version:
uname -rVerify Fix Applied:
Check kernel version includes fix commits or examine driver source for spin_lock_irqsave usage📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- 'spinlock recursion' in kernel logs
- Network interface resets or failures
Network Indicators:
- Sudden loss of network connectivity on affected interfaces
- Increased network retransmissions
SIEM Query:
event_source="kernel" AND (message="spinlock recursion" OR message="BUG: spinlock recursion")🔗 References
- https://git.kernel.org/stable/c/6fe0866014486736cc3ba1c6fd4606d3dbe55c9c
- https://git.kernel.org/stable/c/7cb10f17bddc415f30fbc00a4e2b490e0d94c462
- https://git.kernel.org/stable/c/8d40bf73fa7f31eac2b0a7c9d85de67df82ee7f3
- https://git.kernel.org/stable/c/94107259f972d2fd896dbbcaa176b3b2451ff9e5
- https://git.kernel.org/stable/c/bedd287fdd3142dffad7ae2ac6ef15f4a2ad0629
- https://git.kernel.org/stable/c/d886f8d85494d12b2752fd7c6c32162d982d5dd5
- https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
