| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025061838-CVE-2025-38005-a02e@gregkh> Date: Wed, 18 Jun 2025 11:28:39 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38005: dmaengine: ti: k3-udma: Add missing locking From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Add missing locking Recent kernels complain about a missing lock in k3-udma.c when the lock validator is enabled: [ 4.128073] WARNING: CPU: 0 PID: 746 at drivers/dma/ti/../virt-dma.h:169 udma_start.isra.0+0x34/0x238 [ 4.137352] CPU: 0 UID: 0 PID: 746 Comm: kworker/0:3 Not tainted 6.12.9-arm64 #28 [ 4.144867] Hardware name: pp-v12 (DT) [ 4.148648] Workqueue: events udma_check_tx_completion [ 4.153841] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 4.160834] pc : udma_start.isra.0+0x34/0x238 [ 4.165227] lr : udma_start.isra.0+0x30/0x238 [ 4.169618] sp : ffffffc083cabcf0 [ 4.172963] x29: ffffffc083cabcf0 x28: 0000000000000000 x27: ffffff800001b005 [ 4.180167] x26: ffffffc0812f0000 x25: 0000000000000000 x24: 0000000000000000 [ 4.187370] x23: 0000000000000001 x22: 00000000e21eabe9 x21: ffffff8000fa0670 [ 4.194571] x20: ffffff8001b6bf00 x19: ffffff8000fa0430 x18: ffffffc083b95030 [ 4.201773] x17: 0000000000000000 x16: 00000000f0000000 x15: 0000000000000048 [ 4.208976] x14: 0000000000000048 x13: 0000000000000000 x12: 0000000000000001 [ 4.216179] x11: ffffffc08151a240 x10: 0000000000003ea1 x9 : ffffffc08046ab68 [ 4.223381] x8 : ffffffc083cabac0 x7 : ffffffc081df3718 x6 : 0000000000029fc8 [ 4.230583] x5 : ffffffc0817ee6d8 x4 : 0000000000000bc0 x3 : 0000000000000000 [ 4.237784] x2 : 0000000000000000 x1 : 00000000001fffff x0 : 0000000000000000 [ 4.244986] Call trace: [ 4.247463] udma_start.isra.0+0x34/0x238 [ 4.251509] udma_check_tx_completion+0xd0/0xdc [ 4.256076] process_one_work+0x244/0x3fc [ 4.260129] process_scheduled_works+0x6c/0x74 [ 4.264610] worker_thread+0x150/0x1dc [ 4.268398] kthread+0xd8/0xe8 [ 4.271492] ret_from_fork+0x10/0x20 [ 4.275107] irq event stamp: 220 [ 4.278363] hardirqs last enabled at (219): [<ffffffc080a27c7c>] _raw_spin_unlock_irq+0x38/0x50 [ 4.287183] hardirqs last disabled at (220): [<ffffffc080a1c154>] el1_dbg+0x24/0x50 [ 4.294879] softirqs last enabled at (182): [<ffffffc080037e68>] handle_softirqs+0x1c0/0x3cc [ 4.303437] softirqs last disabled at (177): [<ffffffc080010170>] __do_softirq+0x1c/0x28 [ 4.311559] ---[ end trace 0000000000000000 ]--- This commit adds the missing locking. The Linux kernel CVE team has assigned CVE-2025-38005 to this issue. Affected and fixed versions =========================== Issue introduced in 5.6 with commit 25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 and fixed in 5.10.238 with commit 27e71fa08711e09d81e06a54007b362a5426fd22 Issue introduced in 5.6 with commit 25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 and fixed in 5.15.184 with commit 0ea0433f822ed0549715f7044c9cd1cf132ff7fa Issue introduced in 5.6 with commit 25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 and fixed in 6.1.140 with commit df5987e76a4ae4cbd705d81ab4b15ed232250a4a Issue introduced in 5.6 with commit 25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 and fixed in 6.6.92 with commit d87f1cddc592387359fde157cc4296556f6403c2 Issue introduced in 5.6 with commit 25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 and fixed in 6.12.30 with commit 26e63b2fe30c61bd25981c6084f67a8af79945d0 Issue introduced in 5.6 with commit 25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 and fixed in 6.14.8 with commit 99df1edf17493cb49a8c01f6bde55c3abb6a2a6c Issue introduced in 5.6 with commit 25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 and fixed in 6.15 with commit fca280992af8c2fbd511bc43f65abb4a17363f2f Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38005 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/dma/ti/k3-udma.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/27e71fa08711e09d81e06a54007b362a5426fd22 https://git.kernel.org/stable/c/0ea0433f822ed0549715f7044c9cd1cf132ff7fa https://git.kernel.org/stable/c/df5987e76a4ae4cbd705d81ab4b15ed232250a4a https://git.kernel.org/stable/c/d87f1cddc592387359fde157cc4296556f6403c2 https://git.kernel.org/stable/c/26e63b2fe30c61bd25981c6084f67a8af79945d0 https://git.kernel.org/stable/c/99df1edf17493cb49a8c01f6bde55c3abb6a2a6c https://git.kernel.org/stable/c/fca280992af8c2fbd511bc43f65abb4a17363f2f
Powered by blists - more mailing lists