CVE-2025-37746

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

perf/dwc_pcie: fix duplicate pci_dev devices

During platform_device_register, wrongly using struct device pci_dev as platform_data caused a kmemdup copy of pci_dev. Worse still, accessing the duplicated device leads to list corruption as its mutex content (e.g., list, magic) remains the same as the original.

EPSS Score: 0.0013 (0.030)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Incorrect Type Conversion or Cast


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in