CVE-2025-37967

5.5 MEDIUM

📋 TL;DR

This CVE describes a deadlock vulnerability in the Linux kernel's UCSI DisplayPort driver. When a USB Type-C device with DisplayPort alternate mode is connected, a race condition can cause the system to freeze, requiring a hard reboot. This affects any Linux system using USB Type-C with DisplayPort functionality.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions containing the vulnerable UCSI DisplayPort code (specific versions not specified in CVE)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with USB Type-C ports supporting DisplayPort alternate mode. Requires physical access to trigger via device connection.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

System becomes completely unresponsive, requiring a physical power cycle or hard reset, potentially causing data loss or service disruption.

🟠 Likely Case

System freeze when connecting or disconnecting USB Type-C DisplayPort devices, requiring a manual reboot.

🟢 If Mitigated

Minor service interruption during device connection/disconnection events.

🌐 Internet-Facing: LOW - This is a local hardware interaction vulnerability requiring physical device connection.
🏢 Internal Only: MEDIUM - Affects workstations and servers with USB Type-C ports, particularly those used for docking stations or external displays.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: ✅ No
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires physical access to connect a USB Type-C device with DisplayPort support. Not remotely exploitable.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the fix commits:
  • 364618c89d4c57c85e5fc51a2446cd939bf57802
  • 5924b324468845fc795bd76f588f51d7ab4f202d
  • 61fc1a8e1e10cc784cab5829930838aaf1d37af5
  • 962ce9028ca6eb450d5c205238a3ee27de9d214d
  • f32451ca4cb7dc53f2a0e2e66b84d34162747eb7

Vendor Advisory: https://git.kernel.org/stable/c/364618c89d4c57c85e5fc51a2446cd939bf57802

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. Check with your distribution's package manager for kernel updates.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Disable USB Type-C DisplayPort functionality (platform: linux)

Prevent the deadlock by deactivating the DisplayPort alternate mode on USB Type-C ports. The kernel exposes each alternate mode as a device under /sys/class/typec/ with an "active" attribute; writing 0 to it disables the mode. The example below targets the first alternate mode of port0 (device names vary by system, and the setting does not survive a reboot):

echo 0 > /sys/class/typec/port0/port0.0/active

Avoid hot-plugging USB Type-C DisplayPort devices (platform: all)

Connect USB Type-C DisplayPort devices before booting and keep them connected.

🧯 If You Can't Patch

  • Restrict physical access to USB Type-C ports on critical systems
  • Use USB Type-A to DisplayPort adapters instead of direct Type-C connections

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether a UCSI module is loaded (uname -r is only printed when grep finds a match):

lsmod | grep ucsi && uname -r

Check Version:

uname -r

Verify Fix Applied:

In a checkout of the kernel source tree for the running kernel, verify that the fix commits are present:

git log --oneline | grep -E '364618c89d4c|5924b3244688|61fc1a8e1e10|962ce9028ca6|f32451ca4cb7'

Distribution kernels often backport fixes under different commit hashes, so on such systems check the distribution's advisory for this CVE rather than relying on the upstream hashes.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • System freeze events in system logs
  • USB Type-C connection/disconnection errors

Network Indicators:

  • Sudden loss of connectivity from affected system

SIEM Query:

source="kernel" AND ("panic" OR "deadlock" OR "UCSI" OR "DisplayPort")
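As an added example (not from this page or the kernel project), a small Python triage of dmesg-style lines: the SIEM query above matches on keywords alone, which also fires on a benign alternate-mode entry, whereas a kernel deadlock typically surfaces as a hung-task report followed by the blocked worker's context. Correlating the two narrows the alert to that signature. The log lines, the worker name ucsi_dp_work and the device names are constructed.

```python
import re

# Constructed dmesg-style sample (not captured output); worker and device
# names are illustrative. Line 1 is benign, lines 2-6 are a hung-task report.
SAMPLE_LOG = """\
[  118.201] typec_displayport port0-partner.0: DisplayPort alternate mode entered
[  243.120] INFO: task kworker/u16:3:212 blocked for more than 122 seconds.
[  243.121]       Tainted: G        W          6.14.0 #1
[  243.130] Workqueue: events ucsi_dp_work [typec_ucsi]
[  243.131] Call Trace:
[  243.132]  __schedule+0x3e4/0xb60
[  300.000] e1000e eno1: NIC Link is Up
[  410.500] usb 3-1: USB disconnect, device number 5
"""

# Kernel hung-task checker message format (khungtaskd).
HUNG_TASK = re.compile(r"INFO: task (\S+) blocked for more than (\d+) seconds")
# Driver context that ties a hung task to the UCSI/DisplayPort path.
DRIVER_CTX = re.compile(r"ucsi|typec_displayport|displayport", re.IGNORECASE)
# The page's keyword-only query, for comparison.
KEYWORDS = re.compile(r"panic|deadlock|ucsi|displayport", re.IGNORECASE)


def triage(log: str, window: int = 12) -> list[dict]:
    """Return findings sorted by line: 'high' when a hung-task report is
    followed within `window` lines by UCSI/DisplayPort context, 'low' for
    bare keyword hits not already explained by a high finding."""
    lines = log.splitlines()
    findings = []
    claimed = set()  # line indexes covered by a high-severity finding
    for i, line in enumerate(lines):
        m = HUNG_TASK.search(line)
        if not m:
            continue
        for j in range(i + 1, min(len(lines), i + 1 + window)):
            if DRIVER_CTX.search(lines[j]):
                findings.append({"severity": "high", "line": i + 1,
                                 "task": m.group(1), "seconds": int(m.group(2)),
                                 "context": lines[j].strip()})
                claimed.update(range(i, j + 1))
                break
    for i, line in enumerate(lines):
        if i not in claimed and KEYWORDS.search(line):
            findings.append({"severity": "low", "line": i + 1, "context": line.strip()})
    return sorted(findings, key=lambda f: f["line"])


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['severity']:4} line {f['line']}: {f['context']}")
```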
