CVE-2025-37875

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> igc: fix PTM cycle trigger logic<br /> <br /> Writing to clear the PTM status &amp;#39;valid&amp;#39; bit while the PTM cycle is<br /> triggered results in unreliable PTM operation. To fix this, clear the<br /> PTM &amp;#39;trigger&amp;#39; and status after each PTM transaction.<br /> <br /> The issue can be reproduced with the following:<br /> <br /> $ sudo phc2sys -R 1000 -O 0 -i tsn0 -m<br /> <br /> Note: 1000 Hz (-R 1000) is unrealistically large, but provides a way to<br /> quickly reproduce the issue.<br /> <br /> PHC2SYS exits with:<br /> <br /> "ioctl PTP_OFFSET_PRECISE: Connection timed out" when the PTM transaction<br /> fails<br /> <br /> This patch also fixes a hang in igc_probe() when loading the igc<br /> driver in the kdump kernel on systems supporting PTM.<br /> <br /> The igc driver running in the base kernel enables PTM trigger in<br /> igc_probe(). Therefore the driver is always in PTM trigger mode,<br /> except in brief periods when manually triggering a PTM cycle.<br /> <br /> When a crash occurs, the NIC is reset while PTM trigger is enabled.<br /> Due to a hardware problem, the NIC is subsequently in a bad busmaster<br /> state and doesn&amp;#39;t handle register reads/writes. When running<br /> igc_probe() in the kdump kernel, the first register access to a NIC<br /> register hangs driver probing and ultimately breaks kdump.<br /> <br /> With this patch, igc has PTM trigger disabled most of the time,<br /> and the trigger is only enabled for very brief (10 - 100 us) periods<br /> when manually triggering a PTM cycle. Chances that a crash occurs<br /> during a PTM trigger are not 0, but extremely reduced.