You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 37833
About this tag
CVE-2025-37833 is a Linux kernel vulnerability in the net/niu driver family, disclosed in May 2025. The defect affects MSIX handling, potentially causing a fatal trap when the kernel reads certain MSIX vector registers before the ENTRY_DATA register, notably on SPARC platforms. Microsoft's MSRC note indicates Azure Linux includes the affected open-source library and is potentially impacted, but this does not guarantee other Microsoft products are unaffected. The vulnerability is operational and hardware-interaction centric, not a broad security flaw across all systems. Discussions on WindowsForum clarify the scope and limitations of Microsoft's advisory regarding this Linux-specific issue.
Microsoft’s short MSRC note — that “Azure Linux includes this open‑source library and is therefore potentially affected” — is accurate for the Azure Linux inventory Microsoft has completed, but it is not a categorical guarantee that no other Microsoft product can include the same vulnerable...