CVE-2025-38631

EPSS 0.03%
Veröffentlicht 22.08.2025 16:00:39
Zuletzt bearbeitet 22.08.2025 18:08:51
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

clk: imx95-blk-ctl: Fix synchronous abort

When enabling runtime PM for clock suppliers that also belong to a power
domain, the following crash is thrown:
error: synchronous external abort: 0000000096000010 [#1] PREEMPT SMP
Workqueue: events_unbound deferred_probe_work_func
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : clk_mux_get_parent+0x60/0x90
lr : clk_core_reparent_orphans_nolock+0x58/0xd8
  Call trace:
   clk_mux_get_parent+0x60/0x90
   clk_core_reparent_orphans_nolock+0x58/0xd8
   of_clk_add_hw_provider.part.0+0x90/0x100
   of_clk_add_hw_provider+0x1c/0x38
   imx95_bc_probe+0x2e0/0x3f0
   platform_probe+0x70/0xd8

Enabling runtime PM without explicitly resuming the device caused
the power domain cut off after clk_register() is called. As a result,
a crash happens when the clock hardware provider is added and attempts
to access the BLK_CTL register.

Fix this by using devm_pm_runtime_enable() instead of pm_runtime_enable()
and getting rid of the pm_runtime_disable() in the cleanup path.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < c1dead8bb303f86905ea6a09e5acda931165453b

Version 5224b189462ff70df328f173b71acfd925092c3c

Status affected

Version < 9f0ee0baf25b46bb82655c687718ebb0ae1def7b

Version 5224b189462ff70df328f173b71acfd925092c3c

Status affected

Version < 533dc3cb375cabd8a2beba293d63ef2acd3d0005

Version 5224b189462ff70df328f173b71acfd925092c3c

Status affected

Version < b08217a257215ed9130fce93d35feba66b49bf0a

Version 5224b189462ff70df328f173b71acfd925092c3c

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.10

Status affected

Version < 6.10

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.42

Status unaffected

Version <= 6.15.*

Version 6.15.10

Status unaffected

Version <= 6.16.*

Version 6.16.1

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.054

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/c1dead8bb303f86905ea6a09e5acda931165453b

https://git.kernel.org/stable/c/9f0ee0baf25b46bb82655c687718ebb0ae1def7b

https://git.kernel.org/stable/c/533dc3cb375cabd8a2beba293d63ef2acd3d0005

https://git.kernel.org/stable/c/b08217a257215ed9130fce93d35feba66b49bf0a

https://nvd.nist.gov/vuln/detail/CVE-2025-38631

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38631

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38631

EUVD