Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: asus-wmi: Fix racy registrations asus_wmi_register_driver() may be called from multiple drivers concurrently, which can lead to the racy list operations, eventually corrupting the memory and hitting Oops on some ASUS machines. Also, the error handling is missing, and it forgot to unregister ACPI lps0 dev ops in the error case. This patch covers those issues by introducing a simple mutex at acpi_wmi_register_driver() & *_unregister_driver, and adding the proper call of asus_s2idle_check_unregister() in the error path.

INFO

Published Date :

2025-09-19T15:26:12.152Z

Last Modified :

2026-01-14T19:23:12.029Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-39837 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-39837.

URL Resource
https://git.kernel.org/stable/c/5549202b9c02c2ecbc8634768a3da8d9e82d548d cve-icon cve-icon
https://git.kernel.org/stable/c/e7a70326fb26b905cfc8fe2366113aa4394733ef cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025091902-CVE-2025-39837-eec6@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-39837 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-39837 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact