IM
IronMonkey Threat Research

CVE-2025-21645 MEDIUM

Published: 2025-01-19 | Last Modified: 2026-07-14 | Status: Modified

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it Wakeup for IRQ1 should be disabled only in cases where i8042 had actually enabled it, otherwise "wake_depth" for this IRQ will try to drop below zero and there will be an unpleasant WARN() logged: kernel: atkbd serio0: Disabling IRQ1 wakeup source to avoid platform firmware bug kernel: ------------[ cut here ]------------ kernel: Unbalanced IRQ 1 wake disable kernel: WARNING: CPU: 10 PID: 6431 at kernel/irq/manage.c:920 irq_set_irq_wake+0x147/0x1a0 The PMC driver uses DEFINE_SIMPLE_DEV_PM_OPS() to define its dev_pm_ops which sets amd_pmc_suspend_handler() to the .suspend, .freeze, and .poweroff handlers. i8042_pm_suspend(), however, is only set as the .suspend handler. Fix the issue by call PMC suspend handler only from the same set of dev_pm_ops handlers as i8042_pm_suspend(), which currently means just the .suspend handler. To reproduce this issue try hibernating (S4) the machine after a fresh boot without putting it into s2idle first. [ij: edited the commit message.]

Additional Descriptions (1)

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: platform/x86/amd/pmc: Solo deshabilitar la activación de IRQ1 donde i8042 realmente la habilitó La activación para IRQ1 debe deshabilitarse solo en los casos en que i8042 realmente la haya habilitado, de lo contrario, "wake_depth" para esta IRQ intentará caer por debajo de cero y se registrará un WARN() desagradable: kernel: atkbd serio0: Deshabilitar la fuente de activación de IRQ1 para evitar un error de firmware de la plataforma kernel: ------------[ cortar aquí ]------------ kernel: Deshabilitar activación de IRQ 1 no balanceada kernel: ADVERTENCIA: CPU: 10 PID: 6431 en kernel/irq/manage.c:920 irq_set_irq_wake+0x147/0x1a0 El controlador PMC usa DEFINE_SIMPLE_DEV_PM_OPS() para definir su dev_pm_ops que establece amd_pmc_suspend_handler() en .suspend, .freeze y .poweroff. Sin embargo, i8042_pm_suspend() solo se configura como el controlador .suspend. Solucione el problema llamando al controlador de suspensión PMC solo desde el mismo conjunto de controladores dev_pm_ops que i8042_pm_suspend(), lo que actualmente significa solo el controlador .suspend. Para reproducir este problema, intente hibernar (S4) la máquina después de un arranque nuevo sin ponerla primero en s2idle. [ij: edité el mensaje de confirmación].

CVSS Metrics

Base Score: 5.5 (MEDIUM)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 3.6

Weaknesses

Source Type Description
[email protected] Primary
en NVD-CWE-noinfo

Affected Products

Vendor Product Version Update Type
linux linux_kernel * <built-in method update of dict object at 0x702bde4f3480> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bdd9a2a00> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcbbf79c0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702ba6c51f80> Operating System
linux linux_kernel 6.2 <built-in method update of dict object at 0x702bcbbf5900> Operating System
linux linux_kernel 6.2 <built-in method update of dict object at 0x702bcbbf44c0> Operating System
linux linux_kernel 6.2 <built-in method update of dict object at 0x702bdd9a2480> Operating System
linux linux_kernel 6.2 <built-in method update of dict object at 0x702ba6c51a80> Operating System
linux linux_kernel 6.13 <built-in method update of dict object at 0x702bcbbf40c0> Operating System
linux linux_kernel 6.13 <built-in method update of dict object at 0x702bcbbf43c0> Operating System
linux linux_kernel 6.13 <built-in method update of dict object at 0x702bdd9a2340> Operating System
linux linux_kernel 6.13 <built-in method update of dict object at 0x702bdd9a2000> Operating System
linux linux_kernel 6.13 <built-in method update of dict object at 0x702bde4f2040> Operating System
linux linux_kernel 6.13 <built-in method update of dict object at 0x702ba6c514c0> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.2:-:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*

References

Notification
Message here