PatchSiren cyber security CVE debrief
CVE-2025-37968 Cert Portal CVE debrief
CVE-2025-37968 is an availability issue in the Linux kernel’s opt3001 light sensor driver that can deadlock a threaded IRQ path if a shared flag changes between two reads. In the supplied Siemens/CISA advisory context, the recommended remediation is to update to V5.0 or later.
- Vendor: Cert Portal
- Product: Siemens SIMATIC CN 4100 vers:intdot/<5.0
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-12
- Original CVE updated: 2026-05-14
- Advisory published: 2026-05-12
- Advisory updated: 2026-05-14
Who should care
Asset owners, operators, and patch managers responsible for Siemens SIMATIC CN 4100 systems running versions earlier than V5.0 should prioritize this advisory. It is also relevant to teams maintaining Linux-based OT/embedded systems that include the opt3001 driver path.
Technical summary
The advisory describes a race condition in opt3001_irq(): the threaded IRQ function reads a shared flag twice, once before mutex_lock() and again before mutex_unlock(). If the flag is true at lock time but false at unlock time, the code can skip unlocking the mutex and leave the driver deadlocked. The fix is to read the flag once into a local variable and use that same value for both decisions, making the IRQ handler more robust against concurrent flag changes. The supplied CVSS vector is AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, which aligns with a local availability impact.
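The double-read pattern and its single-read fix, as an added user-space model (not the kernel driver's code and not part of the advisory). The mutex is modeled as a counter, the concurrent flag change is injected through a callback, and every identifier (`needs_lock`, `irq_double_read`, `irq_single_read`, `leaked_locks`) is hypothetical, with the flag's polarity following the description above.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model; every name here is hypothetical, not the driver's. */
struct model_mutex { int held; };
struct sensor {
    struct model_mutex lock;
    volatile bool needs_lock;  /* shared flag, polarity as described above */
};
typedef void (*race_fn)(struct sensor *);

static void model_lock(struct model_mutex *m)   { m->held++; }
static void model_unlock(struct model_mutex *m) { m->held--; }
/* Stand-ins for another context changing (or not changing) the flag. */
static void clear_flag(struct sensor *s) { s->needs_lock = false; }
static void no_race(struct sensor *s)    { (void)s; }

/* Vulnerable shape: the shared flag is read twice. */
static void irq_double_read(struct sensor *s, race_fn race)
{
    if (s->needs_lock)
        model_lock(&s->lock);
    race(s);                   /* flag may change between the two reads */
    if (s->needs_lock)         /* second read sees false: unlock skipped */
        model_unlock(&s->lock);
}

/* Fixed shape: one read into a local drives both decisions. */
static void irq_single_read(struct sensor *s, race_fn race)
{
    bool locked = s->needs_lock;
    if (locked)
        model_lock(&s->lock);
    race(s);
    if (locked)
        model_unlock(&s->lock);
}

/* Lock depth left after one handler run; non-zero means the next locker hangs. */
static int leaked_locks(void (*handler)(struct sensor *, race_fn), race_fn race)
{
    struct sensor s = { .lock = { 0 }, .needs_lock = true };
    handler(&s, race);
    return s.lock.held;
}

int main(void)
{
    printf("double read leaks %d, single read leaks %d\n",
           leaked_locks(irq_double_read, clear_flag),
           leaked_locks(irq_single_read, clear_flag));
    return 0;
}
```

A leaked lock depth of 1 in the double-read handler corresponds to the mutex that is never released; the single-read handler always balances lock and unlock regardless of when the flag changes.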
Defensive priority
High for affected Siemens SIMATIC CN 4100 deployments because the failure mode is a deadlock that can disrupt device availability. Priority is lower than a remotely exploitable compromise but still important for OT uptime and safety planning.
Recommended defensive actions
- Upgrade affected Siemens SIMATIC CN 4100 systems to V5.0 or later, as specified in the advisory.
- Verify whether any deployed images or builds include the Linux kernel opt3001 driver path referenced in the advisory.
- Schedule maintenance windows and validate failover/recovery procedures to reduce operational impact if a device hangs.
- Track the Siemens and CISA advisory references for any follow-up guidance or revisions.
- Treat the source vendor/product mapping as needing review before broad internal redistribution, because the supplied metadata marks it low confidence.
Evidence notes
The supplied advisory text states that the threaded IRQ function in the Linux kernel opt3001 driver reads a flag twice and can deadlock if the flag changes between mutex_lock() and mutex_unlock(). The source metadata also provides a CVSS 3.1 vector of AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H and a vendor remediation of V5.0 or later. Publication timing in the supplied corpus is 2026-05-12 with a CISA republication on 2026-05-14. The vendor/product mapping in the user-supplied metadata is marked low confidence and needs review.
Official resources
- CVE-2025-37968 CVE record (CVE.org)
- CVE-2025-37968 NVD detail (NVD)
- Source item URL (cisa_csaf)
Public advisory date in the supplied corpus is 2026-05-12, with a CISA republication on 2026-05-14. No KEV listing is present in the supplied data.