CVE-2025-37875: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-37875 is a vulnerability in the Linux kernel affecting the Intel Gigabit Controller (IGC) driver's Precision Time Measurement (PTM) functionality. The vulnerability was disclosed on May 9, 2025, and primarily affects the PTM cycle trigger logic (NVD, Wiz).

The vulnerability occurs when writing to clear the PTM status 'valid' bit while the PTM cycle is triggered, resulting in unreliable PTM operation. The issue can be reproduced using the command sudo phc2sys -R 1000 -O 0 -i tsn0 -m. The vulnerability has been assigned a CVSS v3.1 score of 5.5 with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Red Hat).

The vulnerability can cause unreliable PTM operation and system hangs during igc_probe() when loading the igc driver in the kdump kernel on systems supporting PTM. Additionally, it can result in the NIC being in a bad busmaster state, preventing proper handling of register reads/writes (NVD, Wiz).

The fix involves clearing both the PTM 'trigger' and status after each PTM transaction. The patch modifies the driver behavior so that PTM trigger is disabled most of the time and only enabled for brief periods (10-100 us) when manually triggering a PTM cycle. Red Hat Enterprise Linux 9 has deferred the fix for both kernel and kernel-rt packages (Red Hat).