CVE-2025-40108 (GCVE-0-2025-40108)

Vulnerability from cvelistv5 – Published: 2025-11-09 04:35 – Updated: 2025-12-01 06:18
VLAI?
Title
serial: qcom-geni: Fix blocked task
Summary
In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 ("serial: qcom-geni: Enable PM runtime for serial driver") and its dependent commit 86fa39dd6fb7 ("serial: qcom-geni: Enable Serial on SA8255p Qualcomm platforms") because the first one causes regression - hang task on Qualcomm RB1 board (QRB2210) and unable to use serial at all during normal boot: INFO: task kworker/u16:0:12 blocked for more than 42 seconds. Not tainted 6.17.0-rc1-00004-g53e760d89498 #9 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u16:0 state:D stack:0 pid:12 tgid:12 ppid:2 task_flags:0x4208060 flags:0x00000010 Workqueue: async async_run_entry_fn Call trace: __switch_to+0xe8/0x1a0 (T) __schedule+0x290/0x7c0 schedule+0x34/0x118 rpm_resume+0x14c/0x66c rpm_resume+0x2a4/0x66c rpm_resume+0x2a4/0x66c rpm_resume+0x2a4/0x66c __pm_runtime_resume+0x50/0x9c __driver_probe_device+0x58/0x120 driver_probe_device+0x3c/0x154 __driver_attach_async_helper+0x4c/0xc0 async_run_entry_fn+0x34/0xe0 process_one_work+0x148/0x290 worker_thread+0x2c4/0x3e0 kthread+0x118/0x1c0 ret_from_fork+0x10/0x20 The issue was reported on 12th of August and was ignored by author of commits introducing issue for two weeks. Only after complaining author produced a fix which did not work, so if original commits cannot be reliably fixed for 5 weeks, they obviously are buggy and need to be dropped.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 1afa70632c390488308d8e94e037df6895a3e1ac , < 1e810d81769e16637bcd845ba37fbc1eba5d4bd2 (git)
Affected: 1afa70632c390488308d8e94e037df6895a3e1ac , < a699213d4e6ef4286348c6439837990f121e0c03 (git)
Create a notification for this product.
    Linux Linux Affected: 6.17
Unaffected: 0 , < 6.17 (semver)
Unaffected: 6.17.2 , ≤ 6.17.* (semver)
Unaffected: 6.18 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/serial/qcom_geni_serial.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1e810d81769e16637bcd845ba37fbc1eba5d4bd2",
              "status": "affected",
              "version": "1afa70632c390488308d8e94e037df6895a3e1ac",
              "versionType": "git"
            },
            {
              "lessThan": "a699213d4e6ef4286348c6439837990f121e0c03",
              "status": "affected",
              "version": "1afa70632c390488308d8e94e037df6895a3e1ac",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/serial/qcom_geni_serial.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.17"
            },
            {
              "lessThan": "6.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.17.*",
              "status": "unaffected",
              "version": "6.17.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.18",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17.2",
                  "versionStartIncluding": "6.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18",
                  "versionStartIncluding": "6.17",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: qcom-geni: Fix blocked task\n\nRevert commit 1afa70632c39 (\"serial: qcom-geni: Enable PM runtime for\nserial driver\") and its dependent commit 86fa39dd6fb7 (\"serial:\nqcom-geni: Enable Serial on SA8255p Qualcomm platforms\") because the\nfirst one causes regression - hang task on Qualcomm RB1 board (QRB2210)\nand unable to use serial at all during normal boot:\n\n  INFO: task kworker/u16:0:12 blocked for more than 42 seconds.\n        Not tainted 6.17.0-rc1-00004-g53e760d89498 #9\n  \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n  task:kworker/u16:0   state:D stack:0     pid:12    tgid:12    ppid:2      task_flags:0x4208060 flags:0x00000010\n  Workqueue: async async_run_entry_fn\n  Call trace:\n   __switch_to+0xe8/0x1a0 (T)\n   __schedule+0x290/0x7c0\n   schedule+0x34/0x118\n   rpm_resume+0x14c/0x66c\n   rpm_resume+0x2a4/0x66c\n   rpm_resume+0x2a4/0x66c\n   rpm_resume+0x2a4/0x66c\n   __pm_runtime_resume+0x50/0x9c\n   __driver_probe_device+0x58/0x120\n   driver_probe_device+0x3c/0x154\n   __driver_attach_async_helper+0x4c/0xc0\n   async_run_entry_fn+0x34/0xe0\n   process_one_work+0x148/0x290\n   worker_thread+0x2c4/0x3e0\n   kthread+0x118/0x1c0\n   ret_from_fork+0x10/0x20\n\nThe issue was reported on 12th of August and was ignored by author of\ncommits introducing issue for two weeks.  Only after complaining author\nproduced a fix which did not work, so if original commits cannot be\nreliably fixed for 5 weeks, they obviously are buggy and need to be\ndropped."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-01T06:18:11.003Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1e810d81769e16637bcd845ba37fbc1eba5d4bd2"
        },
        {
          "url": "https://git.kernel.org/stable/c/a699213d4e6ef4286348c6439837990f121e0c03"
        }
      ],
      "title": "serial: qcom-geni: Fix blocked task",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-40108",
    "datePublished": "2025-11-09T04:35:58.587Z",
    "dateReserved": "2025-04-16T07:20:57.167Z",
    "dateUpdated": "2025-12-01T06:18:11.003Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-40108\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-11-09T05:15:35.580\",\"lastModified\":\"2025-11-12T16:19:59.103\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nserial: qcom-geni: Fix blocked task\\n\\nRevert commit 1afa70632c39 (\\\"serial: qcom-geni: Enable PM runtime for\\nserial driver\\\") and its dependent commit 86fa39dd6fb7 (\\\"serial:\\nqcom-geni: Enable Serial on SA8255p Qualcomm platforms\\\") because the\\nfirst one causes regression - hang task on Qualcomm RB1 board (QRB2210)\\nand unable to use serial at all during normal boot:\\n\\n  INFO: task kworker/u16:0:12 blocked for more than 42 seconds.\\n        Not tainted 6.17.0-rc1-00004-g53e760d89498 #9\\n  \\\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\\\" disables this message.\\n  task:kworker/u16:0   state:D stack:0     pid:12    tgid:12    ppid:2      task_flags:0x4208060 flags:0x00000010\\n  Workqueue: async async_run_entry_fn\\n  Call trace:\\n   __switch_to+0xe8/0x1a0 (T)\\n   __schedule+0x290/0x7c0\\n   schedule+0x34/0x118\\n   rpm_resume+0x14c/0x66c\\n   rpm_resume+0x2a4/0x66c\\n   rpm_resume+0x2a4/0x66c\\n   rpm_resume+0x2a4/0x66c\\n   __pm_runtime_resume+0x50/0x9c\\n   __driver_probe_device+0x58/0x120\\n   driver_probe_device+0x3c/0x154\\n   __driver_attach_async_helper+0x4c/0xc0\\n   async_run_entry_fn+0x34/0xe0\\n   process_one_work+0x148/0x290\\n   worker_thread+0x2c4/0x3e0\\n   kthread+0x118/0x1c0\\n   ret_from_fork+0x10/0x20\\n\\nThe issue was reported on 12th of August and was ignored by author of\\ncommits introducing issue for two weeks.  Only after complaining author\\nproduced a fix which did not work, so if original commits cannot be\\nreliably fixed for 5 weeks, they obviously are buggy and need to be\\ndropped.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1e810d81769e16637bcd845ba37fbc1eba5d4bd2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a699213d4e6ef4286348c6439837990f121e0c03\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.