CVE-2025-23161

MEDIUM EPSS 2.0%
Published May 1, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be accessed with disabled interrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this purpose. A spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be acquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in the same context as the pci_lock. Make vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with interrupts disabled. This was reported as: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 Call Trace: rt_spin_lock+0x4e/0x130 vmd_pci_read+0x8d/0x100 [vmd] pci_user_read_config_byte+0x6f/0xe0 pci_read_config+0xfe/0x290 sysfs_kf_bin_read+0x68/0x90 [bigeasy: reword commit message] Tested-off-by: Luis Claudio R. Goncalves <lgoncalv@redhat.com> [kwilczynski: commit log] [bhelgaas: add back report info from https://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel* <5.15.181
linuxlinux_kernel*≥5.16  –  <6.1.135
linuxlinux_kernel*≥6.2  –  <6.6.88
linuxlinux_kernel*≥6.7  –  <6.12.24
linuxlinux_kernel*≥6.13  –  <6.13.12
linuxlinux_kernel*≥6.14  –  <6.14.3
debiandebian_linux11.0any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/13e5148f70e81991acbe0bab5b1b50ba699116e7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/18056a48669a040bef491e63b25896561ee14d90
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/20d0a9062c031068fa39f725a32f182b709b5525
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2358046ead696ca5c7c628d6c0e2c6792619a3e5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5c3cfcf0b4bf43530788b08a8eaf7896ec567484
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c250262d6485ca333e9821f85b07eb383ec546b1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c2968c812339593ac6e2bdd5cc3adabe3f05fa53
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
    Mailing List

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/13e5148f70e81991acbe0bab5b1b50ba699116e7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/18056a48669a040bef491e63b25896561ee14d90
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/20d0a9062c031068fa39f725a32f182b709b5525
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2358046ead696ca5c7c628d6c0e2c6792619a3e5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5c3cfcf0b4bf43530788b08a8eaf7896ec567484
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c250262d6485ca333e9821f85b07eb383ec546b1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c2968c812339593ac6e2bdd5cc3adabe3f05fa53
    Patch