{"id":"CVE-2025-37819","summary":"irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n  gicv2m_get_fwnode+0x0/0x58 (P)\n  pci_set_bus_msi_domain+0x74/0x88\n  pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.","modified":"2026-04-16T04:34:50.853643340Z","published":"2025-05-08T06:26:13.975Z","related":["ALSA-2026:1690","ALSA-2026:2212","SUSE-SU-2025:01964-1","SUSE-SU-2025:01965-1","SUSE-SU-2025:02000-1","SUSE-SU-2025:02254-1","SUSE-SU-2025:02307-1","SUSE-SU-2025:02333-1","SUSE-SU-2025:02923-1","SUSE-SU-2025:20408-1","SUSE-SU-2025:20413-1","SUSE-SU-2025:20419-1","SUSE-SU-2025:20421-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37819.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0c241dedc43a036599757cd08f356253fa3e5014"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2f2803e4b5e4df2b08d378deaab78b1681ef9b30"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3318dc299b072a0511d6dfd8367f3304fb6d9827"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3939d6f29d34cdb60e3f68b76e39e00a964a1d51"},{"type":"WEB","url":"https://git.kernel.org/stable/c/47bee0081b483b077c7560bc5358ad101f89c8ef"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b63de43af8d215b0499eac28b2caa4439183efc1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dc0d654eb4179b06d3206e4396d072108b9ba082"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f95659affee301464f0d058d528d96b35b452da8"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37819.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37819"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0644b3daca28dcb320373ae20069c269c9386304"},{"fixed":"0c241dedc43a036599757cd08f356253fa3e5014"},{"fixed":"b63de43af8d215b0499eac28b2caa4439183efc1"},{"fixed":"f95659affee301464f0d058d528d96b35b452da8"},{"fixed":"dc0d654eb4179b06d3206e4396d072108b9ba082"},{"fixed":"2f2803e4b5e4df2b08d378deaab78b1681ef9b30"},{"fixed":"3939d6f29d34cdb60e3f68b76e39e00a964a1d51"},{"fixed":"47bee0081b483b077c7560bc5358ad101f89c8ef"},{"fixed":"3318dc299b072a0511d6dfd8367f3304fb6d9827"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-37819.json"}}],"schema_version":"1.7.5"}