cve 2025 37771

About this tag
CVE-2025-37771 is a Linux kernel robustness vulnerability in the AMD DRM power-management code (drm/amd/pm) that allows a user-settable speed value to reach a magnitude that could cause issues. Microsoft has acknowledged that Azure Linux includes the affected open-source library and is potentially impacted, but this does not guarantee that no other Microsoft products or kernel images contain the same vulnerable upstream Linux code. Discussions on WindowsForum.com focus on understanding the scope of this CVE across Microsoft products, particularly Azure Linux, and the implications for enterprise IT environments relying on Microsoft's Linux-based offerings.
  1. Azure Linux CVE-2025-37771: Attestation Limits Across Microsoft Products

    Microsoft’s brief public mapping for CVE-2025-37771—“Azure Linux includes this open‑source library and is therefore potentially affected”—is accurate for the product Microsoft has inspected, but it is not a categorical guarantee that no other Microsoft product or kernel image could include the...