FKIE_CVE-2025-21668

Vulnerability from fkie_nvd - Published: 2025-01-31 12:15 - Updated: 2025-11-03 21:19
Severity
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: add missing loop break condition Currently imx8mp_blk_ctrl_remove() will continue the for loop until an out-of-bounds exception occurs. pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : dev_pm_domain_detach+0x8/0x48 lr : imx8mp_blk_ctrl_shutdown+0x58/0x90 sp : ffffffc084f8bbf0 x29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000 x26: ffffffc081658d78 x25: 0000000000000001 x24: ffffffc08201b028 x23: ffffff80d0db9490 x22: ffffffc082340a78 x21: 00000000000005b0 x20: ffffff80d19bc180 x19: 000000000000000a x18: ffffffffffffffff x17: ffffffc080a39e08 x16: ffffffc080a39c98 x15: 4f435f464f006c72 x14: 0000000000000004 x13: ffffff80d0172110 x12: 0000000000000000 x11: ffffff80d0537740 x10: ffffff80d05376c0 x9 : ffffffc0808ed2d8 x8 : ffffffc084f8bab0 x7 : 0000000000000000 x6 : 0000000000000000 x5 : ffffff80d19b9420 x4 : fffffffe03466e60 x3 : 0000000080800077 x2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000 Call trace: dev_pm_domain_detach+0x8/0x48 platform_shutdown+0x2c/0x48 device_shutdown+0x158/0x268 kernel_restart_prepare+0x40/0x58 kernel_kexec+0x58/0xe8 __do_sys_reboot+0x198/0x258 __arm64_sys_reboot+0x2c/0x40 invoke_syscall+0x5c/0x138 el0_svc_common.constprop.0+0x48/0xf0 do_el0_svc+0x24/0x38 el0_svc+0x38/0xc8 el0t_64_sync_handler+0x120/0x130 el0t_64_sync+0x190/0x198 Code: 8128c2d0 ffffffc0 aa1e03e9 d503201f
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/488a68c948bc52dc2a4554a56fdd99aa67c49b06Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/699cc10cc3068f9097a506eae7fe178c860dca4ePatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/726efa92e02b460811e8bc6990dd742f03b645eaPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/926ad31b76b8e229b412536e77cdf828a5cae9c6Patch
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BF34D7-A45F-4DD1-9681-0A2219E94910",
              "versionEndExcluding": "6.1.127",
              "versionStartIncluding": "5.19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38B2F4A9-C656-4A97-8718-D27E6BDFD82A",
              "versionEndExcluding": "6.6.74",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7D0DBC3-F63C-4396-8A47-6F3D4FA0556E",
              "versionEndExcluding": "6.12.11",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "034C36A6-C481-41F3-AE9A-D116E5BE6895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "5DFCDFB8-4FD0-465A-9076-D813D78FE51B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: add missing loop break condition\n\nCurrently imx8mp_blk_ctrl_remove() will continue the for loop\nuntil an out-of-bounds exception occurs.\n\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : dev_pm_domain_detach+0x8/0x48\nlr : imx8mp_blk_ctrl_shutdown+0x58/0x90\nsp : ffffffc084f8bbf0\nx29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000\nx26: ffffffc081658d78 x25: 0000000000000001 x24: ffffffc08201b028\nx23: ffffff80d0db9490 x22: ffffffc082340a78 x21: 00000000000005b0\nx20: ffffff80d19bc180 x19: 000000000000000a x18: ffffffffffffffff\nx17: ffffffc080a39e08 x16: ffffffc080a39c98 x15: 4f435f464f006c72\nx14: 0000000000000004 x13: ffffff80d0172110 x12: 0000000000000000\nx11: ffffff80d0537740 x10: ffffff80d05376c0 x9 : ffffffc0808ed2d8\nx8 : ffffffc084f8bab0 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : ffffff80d19b9420 x4 : fffffffe03466e60 x3 : 0000000080800077\nx2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000\nCall trace:\n dev_pm_domain_detach+0x8/0x48\n platform_shutdown+0x2c/0x48\n device_shutdown+0x158/0x268\n kernel_restart_prepare+0x40/0x58\n kernel_kexec+0x58/0xe8\n __do_sys_reboot+0x198/0x258\n __arm64_sys_reboot+0x2c/0x40\n invoke_syscall+0x5c/0x138\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x38/0xc8\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x190/0x198\nCode: 8128c2d0 ffffffc0 aa1e03e9 d503201f"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pmdomain: imx8mp-blk-ctrl: agregar condici\u00f3n de interrupci\u00f3n de bucle faltante Actualmente, imx8mp_blk_ctrl_remove() continuar\u00e1 el bucle for hasta que se produzca una excepci\u00f3n fuera de los l\u00edmites. pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : dev_pm_domain_detach+0x8/0x48 lr : imx8mp_blk_ctrl_shutdown+0x58/0x90 sp : ffffffc084f8bbf0 x29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000 x26: ffffffc081658d78 x25: 0000000000000001 x24: ffffffc08201b028 x23: ffffff80d0db9490 x22: ffffffc082340a78 x21: 00000000000005b0 x20: ffffff80d19bc180 x19: 000000000000000a x18: ffffffffffffffff x17: ffffffc080a39e08 x16: ffffffc080a39c98 x15: 4f435f464f006c72 x14: 0000000000000004 x13: ffffff80d0172110 x12: 0000000000000000 x11: ffffff80d0537740 x10: ffffff80d05376c0 x9 : ffffffc0808ed2d8 x8 : ffffffc084f8bab0 x7 : 0000000000000000 x6 : 0000000000000000 x5 : ffffff80d19b9420 x4 : fffffffe03466e60 x3 : 0000000080800077 x2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000 Call trace: dev_pm_domain_detach+0x8/0x48 platform_shutdown+0x2c/0x48 device_shutdown+0x158/0x268 kernel_restart_prepare+0x40/0x58 kernel_kexec+0x58/0xe8 __do_sys_reboot+0x198/0x258 __arm64_sys_reboot+0x2c/0x40 invoke_syscall+0x5c/0x138 el0_svc_common.constprop.0+0x48/0xf0 do_el0_svc+0x24/0x38 el0_svc+0x38/0xc8 el0t_64_sync_handler+0x120/0x130 el0t_64_sync+0x190/0x198 Code: 8128c2d0 ffffffc0 aa1e03e9 d503201f "
    }
  ],
  "id": "CVE-2025-21668",
  "lastModified": "2025-11-03T21:19:04.340",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-01-31T12:15:27.960",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/488a68c948bc52dc2a4554a56fdd99aa67c49b06"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/699cc10cc3068f9097a506eae7fe178c860dca4e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/726efa92e02b460811e8bc6990dd742f03b645ea"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/926ad31b76b8e229b412536e77cdf828a5cae9c6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.