CVE-2025-38631

MEDIUM EPSS 4.1%
Published Aug 22, 202510mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 22, 2025 10mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: clk: imx95-blk-ctl: Fix synchronous abort When enabling runtime PM for clock suppliers that also belong to a power domain, the following crash is thrown: error: synchronous external abort: 0000000096000010 [#1] PREEMPT SMP Workqueue: events_unbound deferred_probe_work_func pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : clk_mux_get_parent+0x60/0x90 lr : clk_core_reparent_orphans_nolock+0x58/0xd8 Call trace: clk_mux_get_parent+0x60/0x90 clk_core_reparent_orphans_nolock+0x58/0xd8 of_clk_add_hw_provider.part.0+0x90/0x100 of_clk_add_hw_provider+0x1c/0x38 imx95_bc_probe+0x2e0/0x3f0 platform_probe+0x70/0xd8 Enabling runtime PM without explicitly resuming the device caused the power domain cut off after clk_register() is called. As a result, a crash happens when the clock hardware provider is added and attempts to access the BLK_CTL register. Fix this by using devm_pm_runtime_enable() instead of pm_runtime_enable() and getting rid of the pm_runtime_disable() in the cleanup path.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥6.10  –  <6.12.42
linuxlinux_kernel*≥6.13  –  <6.15.10
linuxlinux_kernel*≥6.16  –  <6.16.1

References 4

  • git.kernel.org https://git.kernel.org/stable/c/533dc3cb375cabd8a2beba293d63ef2acd3d0005
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9f0ee0baf25b46bb82655c687718ebb0ae1def7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b08217a257215ed9130fce93d35feba66b49bf0a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c1dead8bb303f86905ea6a09e5acda931165453b
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/533dc3cb375cabd8a2beba293d63ef2acd3d0005
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9f0ee0baf25b46bb82655c687718ebb0ae1def7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b08217a257215ed9130fce93d35feba66b49bf0a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c1dead8bb303f86905ea6a09e5acda931165453b
    Patch