| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025082232-CVE-2025-38631-5649@gregkh> Date: Fri, 22 Aug 2025 18:00:40 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38631: clk: imx95-blk-ctl: Fix synchronous abort From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: clk: imx95-blk-ctl: Fix synchronous abort When enabling runtime PM for clock suppliers that also belong to a power domain, the following crash is thrown: error: synchronous external abort: 0000000096000010 [#1] PREEMPT SMP Workqueue: events_unbound deferred_probe_work_func pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : clk_mux_get_parent+0x60/0x90 lr : clk_core_reparent_orphans_nolock+0x58/0xd8 Call trace: clk_mux_get_parent+0x60/0x90 clk_core_reparent_orphans_nolock+0x58/0xd8 of_clk_add_hw_provider.part.0+0x90/0x100 of_clk_add_hw_provider+0x1c/0x38 imx95_bc_probe+0x2e0/0x3f0 platform_probe+0x70/0xd8 Enabling runtime PM without explicitly resuming the device caused the power domain cut off after clk_register() is called. As a result, a crash happens when the clock hardware provider is added and attempts to access the BLK_CTL register. Fix this by using devm_pm_runtime_enable() instead of pm_runtime_enable() and getting rid of the pm_runtime_disable() in the cleanup path. The Linux kernel CVE team has assigned CVE-2025-38631 to this issue. Affected and fixed versions =========================== Issue introduced in 6.10 with commit 5224b189462ff70df328f173b71acfd925092c3c and fixed in 6.12.42 with commit c1dead8bb303f86905ea6a09e5acda931165453b Issue introduced in 6.10 with commit 5224b189462ff70df328f173b71acfd925092c3c and fixed in 6.15.10 with commit 9f0ee0baf25b46bb82655c687718ebb0ae1def7b Issue introduced in 6.10 with commit 5224b189462ff70df328f173b71acfd925092c3c and fixed in 6.16.1 with commit 533dc3cb375cabd8a2beba293d63ef2acd3d0005 Issue introduced in 6.10 with commit 5224b189462ff70df328f173b71acfd925092c3c and fixed in 6.17-rc1 with commit b08217a257215ed9130fce93d35feba66b49bf0a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38631 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/clk/imx/clk-imx95-blk-ctl.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/c1dead8bb303f86905ea6a09e5acda931165453b https://git.kernel.org/stable/c/9f0ee0baf25b46bb82655c687718ebb0ae1def7b https://git.kernel.org/stable/c/533dc3cb375cabd8a2beba293d63ef2acd3d0005 https://git.kernel.org/stable/c/b08217a257215ed9130fce93d35feba66b49bf0a
Powered by blists - more mailing lists