CVE-2025-38633

In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: mark K1 pll1_d8 as critical The pll1_d8 clock is enabled by the boot loader, and is ultimately a parent for numerous clocks, including those used by APB and AXI buses. Guodong Xu discovered that this clock got disabled while responding to getting -EPROBE_DEFER when requesting a reset controller. The needed clock (CLK_DMA, along with its parents) had already been enabled. To respond to the probe deferral return, the CLK_DMA clock was disabled, and this led to parent clocks also reducing their enable count. When the enable count for pll1_d8 was decremented it became 0, which caused it to be disabled. This led to a system hang. Marking that clock critical resolves this by preventing it from being disabled. Define a new macro CCU_FACTOR_GATE_DEFINE() to allow clock flags to be supplied for a CCU_FACTOR_GATE clock.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/10948c00e548e9ad2ce9d765baf26dce2d9b806b	Patch
https://git.kernel.org/stable/c/7554729de27daf6d54bcf8689d863bbe267828bf	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:6.16:*:*:*:*:*:*:*

History

26 Nov 2025, 17:11

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		NVD-CWE-noinfo
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel:6.16:::::::*
References	~~() https://git.kernel.org/stable/c/10948c00e548e9ad2ce9d765baf26dce2d9b806b -~~	() https://git.kernel.org/stable/c/10948c00e548e9ad2ce9d765baf26dce2d9b806b - Patch
References	~~() https://git.kernel.org/stable/c/7554729de27daf6d54bcf8689d863bbe267828bf -~~	() https://git.kernel.org/stable/c/7554729de27daf6d54bcf8689d863bbe267828bf - Patch

Information

Published : 2025-08-22 16:15

Updated : 2025-11-26 17:11

NVD link : CVE-2025-38633

Mitre link : CVE-2025-38633

CVE.ORG link : CVE-2025-38633

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2025-38633", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-08-22T16:15:37.173", "references": [{"url": "https://git.kernel.org/stable/c/10948c00e548e9ad2ce9d765baf26dce2d9b806b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7554729de27daf6d54bcf8689d863bbe267828bf", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: spacemit: mark K1 pll1_d8 as critical\n\nThe pll1_d8 clock is enabled by the boot loader, and is ultimately a\nparent for numerous clocks, including those used by APB and AXI buses.\nGuodong Xu discovered that this clock got disabled while responding to\ngetting -EPROBE_DEFER when requesting a reset controller.\n\nThe needed clock (CLK_DMA, along with its parents) had already been\nenabled. To respond to the probe deferral return, the CLK_DMA clock\nwas disabled, and this led to parent clocks also reducing their enable\ncount. When the enable count for pll1_d8 was decremented it became 0,\nwhich caused it to be disabled. This led to a system hang.\n\nMarking that clock critical resolves this by preventing it from being\ndisabled.\n\nDefine a new macro CCU_FACTOR_GATE_DEFINE() to allow clock flags to\nbe supplied for a CCU_FACTOR_GATE clock."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: spacemit: marcar K1 pll1_d8 como cr\u00edtico El reloj pll1_d8 es habilitado por el gestor de arranque y, en \u00faltima instancia, es un reloj padre para numerosos relojes, incluidos los que utilizan los buses APB y AXI. Guodong Xu descubri\u00f3 que este reloj se deshabilitaba al responder a la obtenci\u00f3n de -EPROBE_DEFER al solicitar un controlador de reinicio. El reloj necesario (CLK_DMA, junto con sus padres) ya se hab\u00eda habilitado. Para responder al retorno de aplazamiento de la sonda, se deshabilit\u00f3 el reloj CLK_DMA, y esto provoc\u00f3 que los relojes padre tambi\u00e9n redujeran su contador de habilitaciones. Cuando se decrement\u00f3 el contador de habilitaciones para pll1_d8, se convirti\u00f3 en 0, lo que provoc\u00f3 que se deshabilitara. Esto provoc\u00f3 un cuelgue del sistema. Marcar ese reloj como cr\u00edtico resuelve esto evitando que se deshabilite. Defina una nueva macro CCU_FACTOR_GATE_DEFINE() para permitir que se suministren indicadores de reloj para un reloj CCU_FACTOR_GATE."}], "lastModified": "2025-11-26T17:11:58.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6BFC4F7-7099-4420-AF39-DD1CEABB8DF9"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}