CVE-2025-37971

5.5 MEDIUM

📋 TL;DR

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's bcm2835-camera driver. When exploited, it causes a kernel panic (system crash) on devices using the Broadcom VideoCore camera interface. This affects Linux systems with the vulnerable staging driver loaded, particularly Raspberry Pi devices and other embedded systems using this hardware.

💻 Affected Systems

Products:
  • Linux kernel with bcm2835-camera staging driver
Versions: Linux kernel versions containing the vulnerable commit 42a2f6664e18 up to the fix commits
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when the staging/bcm2835-camera driver is loaded, typically on Raspberry Pi devices or systems with Broadcom VideoCore hardware. Many standard Linux distributions don't load this driver by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system crash (kernel panic) leading to denial of service, potentially requiring physical reboot of affected devices.

🟠 Likely Case

System crash when the camera driver is initialized, affecting devices that use or attempt to use the bcm2835 camera hardware.

🟢 If Mitigated

No impact if the vulnerable driver module is not loaded or the hardware is not present.

🌐 Internet-Facing: LOW - This is a local kernel driver vulnerability requiring local access or ability to trigger driver initialization.
🏢 Internal Only: MEDIUM - Could be exploited by local users or processes to cause denial of service on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires ability to trigger camera driver initialization, typically requiring local access. The vulnerability is triggered during normal driver probe operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 06753f49336ab161ea0e249a0720125b81b7b31b, 98698ca0e58734bc5c1c24e5bbc7429f981cd186, b70bdd4923e8b8edbacde2af83ca337bb7005261

Vendor Advisory: https://git.kernel.org/stable/c/06753f49336ab161ea0e249a0720125b81b7b31b

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. For Raspberry Pi OS: update via 'sudo apt update && sudo apt full-upgrade'.
3. For other distributions: update the kernel package through the standard package manager.
4. Reboot the system to load the patched kernel.

🔧 Temporary Workarounds

Disable vulnerable driver module

linux

Prevent loading of the bcm2835-camera staging driver

echo 'blacklist bcm2835_v4l2' | sudo tee /etc/modprobe.d/blacklist-bcm2835.conf
sudo modprobe -r bcm2835_v4l2

Disable camera hardware

linux

Disable camera interface in device tree or boot configuration

Add 'disable_camera_led=1' to /boot/config.txt on Raspberry Pi

🧯 If You Can't Patch

  • Ensure the bcm2835-camera driver is not loaded by checking 'lsmod | grep bcm2835' and blacklisting if present
  • Restrict local user access to systems with vulnerable driver loaded
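The lsmod check and the blacklist workaround above can be combined into one exposure check. This is an added example, not part of the original advisory; the status names and sample data are assumptions made for illustration. It distinguishes a `blacklist` entry, which only suppresses alias-based autoloading, from an `install` override, which also stops an explicit `modprobe`.

```shell
#!/bin/sh
# Added example: classify exposure to the bcm2835_v4l2 module from lsmod output
# and a modprobe.d directory, both given as paths. Status names are this
# example's own; the sample data at the bottom is constructed.
MODULE=bcm2835_v4l2

# Exact match on lsmod's first column; "grep bcm2835" would also match
# unrelated modules such as snd_bcm2835 or i2c_bcm2835.
module_loaded() {
    awk -v m="$MODULE" '$1 == m { f = 1 } END { exit !f }' "$1"
}

# Prints "install" if an install override disables the module, "blacklist" if
# only alias-based autoloading is suppressed, "none" otherwise.
module_blocked() {
    set -- "$1"/*.conf
    [ -f "$1" ] || { echo none; return; }
    awk -v m="$MODULE" '
        /^[ \t]*#/ { next }
        { name = $2; gsub(/-/, "_", name) }   # modprobe treats - and _ alike
        name != m { next }
        $1 == "blacklist" { bl = 1 }
        $1 == "install" && $3 ~ /^\/bin\/(false|true)$/ { inst = 1 }
        END { print (inst ? "install" : (bl ? "blacklist" : "none")) }' "$@"
}

# exposure LSMOD_FILE MODPROBE_DIR
exposure() {
    if module_loaded "$1"; then echo loaded; return; fi
    case $(module_blocked "$2") in
        install)   echo blocked ;;
        blacklist) echo autoload-blocked ;;   # explicit modprobe still works
        *)         echo loadable ;;
    esac
}

# Constructed sample: module absent, blacklist entry only.
demo=$(mktemp -d)
printf 'Module Size Used by\nsnd_bcm2835 24576 0\n' > "$demo/lsmod.txt"
mkdir "$demo/modprobe.d"
echo 'blacklist bcm2835_v4l2' > "$demo/modprobe.d/blacklist-bcm2835.conf"
exposure "$demo/lsmod.txt" "$demo/modprobe.d"
rm -rf "$demo"
```

On a live system, save `lsmod` output to a file and pass `/etc/modprobe.d` as the second argument.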

🔍 How to Verify

Check if Vulnerable:

Check if bcm2835_v4l2 module is loaded: 'lsmod | grep bcm2835_v4l2'. If loaded and kernel version is vulnerable, system is at risk.

Check Version:

uname -r

Verify Fix Applied:

Check kernel version includes fix commits: 'uname -r' and verify against patched versions. Also verify driver loads without crash.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/kern.log or dmesg
  • 'NULL pointer dereference' errors related to bcm2835 or v4l2
  • System crash/reboot events when camera hardware accessed

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("NULL pointer" OR "kernel panic") AND ("bcm2835" OR "v4l2" OR "mmal")
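The query above needs both term groups in a single event, but a kernel oops spreads them over several log lines, so it can miss when each line is ingested as its own event. This added example (not part of the original advisory) compares the literal per-line match with a block-level correlation; all log lines and the symbols `example_probe_fn` and `example_usb_fn` are constructed.

```shell
#!/bin/sh
# Added example: per-line matching versus oops-block correlation.
# Every log line is constructed; example_probe_fn and example_usb_fn are
# made-up symbols, not taken from a real trace.
write_sample_log() {
    cat > "$1" <<'EOF'
[   12.345678] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[   12.345700] Modules linked in: bcm2835_v4l2(C+) snd_bcm2835(C)
[   12.345720] CPU: 2 PID: 312 Comm: systemd-udevd Tainted: G         C
[   12.345760] Call trace:
[   12.345770]  example_probe_fn+0x40/0x1c0 [bcm2835_v4l2]
[   12.345800] ---[ end trace 0000000000000000 ]---
[  300.000000] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
[  300.000100] Modules linked in: bcm2835_v4l2(C) snd_usb_audio
[  300.000200] Call trace:
[  300.000210]  example_usb_fn+0x10/0x80 [snd_usb_audio]
[  300.000300] ---[ end trace 0000000000000000 ]---
EOF
}

# Literal per-line form of the SIEM query: both term groups on one line.
count_single_line_matches() {
    awk '{ l = tolower($0) }
         (l ~ /null pointer|kernel panic/) && (l ~ /bcm2835|v4l2|mmal/) { n++ }
         END { print n + 0 }' "$1"
}

# Block form: open a window at the oops header, close it at "end trace" or
# after 60 lines, and count the oops once if a line inside the window names the
# camera stack. "Modules linked in:" is skipped because it lists every loaded
# module, not only the faulting one.
count_camera_oops() {
    awk '/NULL pointer dereference/ { inoops = 1; age = 0; hit = 0 }
         inoops && !hit && !/Modules linked in:/ && /bcm2835|v4l2|mmal/ { hit = 1; n++ }
         inoops && (/---\[ end trace/ || ++age > 60) { inoops = 0 }
         END { print n + 0 }' "$1"
}

log=$(mktemp)
write_sample_log "$log"
echo "single-line matches: $(count_single_line_matches "$log")"
echo "camera oops blocks:  $(count_camera_oops "$log")"
rm -f "$log"
```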
