CVE-2025-38322

EPSS 0.04%
Veröffentlicht 10.07.2025 08:14:57
Zuletzt bearbeitet 25.09.2025 10:15:31
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

perf/x86/intel: Fix crash in icl_update_topdown_event()

The perf_fuzzer found a hard-lockup crash on a RaptorLake machine:

  Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000
  CPU: 23 UID: 0 PID: 0 Comm: swapper/23
  Tainted: [W]=WARN
  Hardware name: Dell Inc. Precision 9660/0VJ762
  RIP: 0010:native_read_pmc+0x7/0x40
  Code: cc e8 8d a9 01 00 48 89 03 5b cd cc cc cc cc 0f 1f ...
  RSP: 000:fffb03100273de8 EFLAGS: 00010046
  ....
  Call Trace:
    <TASK>
    icl_update_topdown_event+0x165/0x190
    ? ktime_get+0x38/0xd0
    intel_pmu_read_event+0xf9/0x210
    __perf_event_read+0xf9/0x210

CPUs 16-23 are E-core CPUs that don't support the perf metrics feature.
The icl_update_topdown_event() should not be invoked on these CPUs.

It's a regression of commit:

  f9bdf1f95339 ("perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read")

The bug introduced by that commit is that the is_topdown_event() function
is mistakenly used to replace the is_topdown_count() call to check if the
topdown functions for the perf metrics feature should be invoked.

Fix it.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 702ea6028032d6c1fe96c2d4762a3575e3654819

Version 781b2db0eb7731fbde510c268b7ccc62959c3feb

Status affected

Version < 79e2dd573116d3338507c311460da9669095c94d

Version e7f6922c8a5b41522a8329ea6bbf815993b2dd28

Status affected

Version < a85cc69acdcb05f8cd226b8ea0778b8e2e887e6f

Version f9bdf1f953392c9edd69a7f884f78c0390127029

Status affected

Version < b0823d5fbacb1c551d793cbfe7af24e0d1fa45ed

Version f9bdf1f953392c9edd69a7f884f78c0390127029

Status affected

Version 3a8bec6583e5239de3bd597ab382dc6c2b0c29a1

Status affected

Version 06cd7bfbb86e9db3e9013ea6636ad2c6f0a1664d

Status affected

Version d8370aa704bd7e384918c8f466856374725c0585

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.15

Status affected

Version < 6.15

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.149

Status unaffected

Version <= 6.6.*

Version 6.6.101

Status unaffected

Version <= 6.15.*

Version 6.15.4

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.11

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/a85cc69acdcb05f8cd226b8ea0778b8e2e887e6f

https://git.kernel.org/stable/c/b0823d5fbacb1c551d793cbfe7af24e0d1fa45ed

https://git.kernel.org/stable/c/79e2dd573116d3338507c311460da9669095c94d

https://git.kernel.org/stable/c/702ea6028032d6c1fe96c2d4762a3575e3654819

https://git.kernel.org/stable/c/e97c45c770f5e56c784a46c2a96ab968d26b97d9

https://nvd.nist.gov/vuln/detail/CVE-2025-38322

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38322

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38322

EUVD