-

CVE-2025-39681

EPSS 0.04%
Veröffentlicht 05.09.2025 17:20:47
Zuletzt bearbeitet 08.09.2025 16:25:38
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper

Since

  923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot")

resctrl_cpu_detect() has been moved from common CPU initialization code to
the vendor-specific BSP init helper, while Hygon didn't put that call in their
code.

This triggers a division by zero fault during early booting stage on our
machines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries
to calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale.

Add the missing resctrl_cpu_detect() in the Hygon BSP init helper.

  [ bp: Massage commit message. ]

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 62f12cde10118253348a7540e85606869bd69432

Version 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9

Status affected

Version < 873f32201df8876bdb2563e3187e79149427cab4

Version 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9

Status affected

Version < fb81222c1559f89bfe3aa1010f6d112531d55353

Version 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9

Status affected

Version < 7207923d8453ebfb35667c1736169f2dd796772e

Version 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9

Status affected

Version < a9e5924daa954c9f585c1ca00358afe71d6781c4

Version 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9

Status affected

Version < d23264c257a70dbe021b43b3bc2ee16134cd2c69

Version 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9

Status affected

Version < d8df126349dad855cdfedd6bbf315bad2e901c2f

Version 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.8

Status affected

Version < 5.8

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.242

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.149

Status unaffected

Version <= 6.6.*

Version 6.6.103

Status unaffected

Version <= 6.12.*

Version 6.12.44

Status unaffected

Version <= 6.16.*

Version 6.16.4

Status unaffected

Version <= *

Version 6.17-rc3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.092

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/873f32201df8876bdb2563e3187e79149427cab4

https://git.kernel.org/stable/c/fb81222c1559f89bfe3aa1010f6d112531d55353

https://git.kernel.org/stable/c/7207923d8453ebfb35667c1736169f2dd796772e

https://git.kernel.org/stable/c/a9e5924daa954c9f585c1ca00358afe71d6781c4

https://git.kernel.org/stable/c/d23264c257a70dbe021b43b3bc2ee16134cd2c69

https://git.kernel.org/stable/c/d8df126349dad855cdfedd6bbf315bad2e901c2f

https://git.kernel.org/stable/c/62f12cde10118253348a7540e85606869bd69432

https://nvd.nist.gov/vuln/detail/CVE-2025-39681

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39681

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39681

EUVD