CVE-2025-37791: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability (CVE-2025-37791) was discovered in the Linux kernel's ethtool component, specifically affecting the ethtoolcmismodule_poll() function. The vulnerability was disclosed on May 1, 2025, and involves an incorrect size calculation when handling the rpl pointer in the ethtool subsystem (NVD, Wiz).

The vulnerability stems from a size calculation error where rpl is passed as a pointer to ethtoolcmismodulepoll(). The function incorrectly uses the pointer size instead of sizeof(*rpl), which should be 1 byte. This improper calculation leads to stack corruption, resulting in a kernel panic with the error message: 'Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ethtoolcmiswaitfor_cond+0xf4/0x100'. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Red Hat, NVD).

When exploited, this vulnerability causes stack corruption that leads to kernel panic, effectively causing a denial of service condition. The issue affects systems running the vulnerable Linux kernel versions, particularly impacting the ethtool subsystem's functionality (Wiz).

The vulnerability has been resolved in the Linux kernel through patches that correct the rpl size calculation in ethtoolcmismodule_poll(). Fixed versions are available in various Linux distributions, including Debian's trixie and sid releases (version 6.12.25-1 and later). Red Hat Enterprise Linux 9 has deferred the fix for both kernel and kernel-rt packages (Debian, Red Hat).