CVE-2025-22011

MEDIUM EPSS 6.6%
Published Apr 8, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 8, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4 the VPU firmware always crashes on xHCI power-domain resume: root@raspberrypi:/sys/power# echo freeze > state [ 70.724347] xhci_suspend finished [ 70.727730] xhci_plat_suspend finished [ 70.755624] bcm2835-power bcm2835-power: Power grafx off [ 70.761127] USB: Set power to 0 [ 74.653040] USB: Failed to set power to 1 (-110) This seems to be caused because of the mixed usage of raspberrypi-power and bcm2835-power at the same time. So avoid the usage of the VPU firmware power-domain driver, which prevents the VPU crash.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
6.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥6.8  –  <6.12.21
linuxlinux_kernel*≥6.13  –  <6.13.9
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/393947e06867923d4c2be380d46efd03407a8ce2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b8a47aa0b3df701d0fc41b3caf78d00571776be0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f44fa354a0715577ca32b085f6f60bcf32c748dd
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/393947e06867923d4c2be380d46efd03407a8ce2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b8a47aa0b3df701d0fc41b3caf78d00571776be0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f44fa354a0715577ca32b085f6f60bcf32c748dd
    Patch