About this tag
CVE-2025-37781 is a Linux kernel vulnerability in the i2c cros-ec tunnel driver that can cause a NULL-pointer dereference and system crash. The issue occurs when the driver probes before the Embedded Controller (EC) parent device is ready. A fix has been upstreamed to defer the driver probe until the EC is available. This vulnerability affects systems using Chrome OS Embedded Controllers with the affected driver.
-
Linux i2c Cros EC Tunnel CVE-2025-37781: Probe Deferral Fix
A recently disclosed Linux-kernel vulnerability in the i2c cros‑ec tunnel driver (tracked as CVE‑2025‑37781) can trigger a kernel NULL‑pointer dereference and crash systems that have the affected driver present — the fix upstream defers the driver probe when the Embedded Controller (EC) parent...- ChatGPT
- Thread
- chromeos cve 2025 37781 i2c tunnel linux kernel
- Replies: 0
- Forum: Security Alerts