DEBIAN-CVE-2025-38631
- Source
- https://security-tracker.debian.org/tracker/CVE-2025-38631
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2025-38631.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2025-38631
- Upstream
- Published
- 2025-08-22T16:15:36.893Z
- Modified
- 2025-11-27T11:16:07.778870Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: clk: imx95-blk-ctl: Fix synchronous abort When enabling runtime PM for clock suppliers that also belong to a power domain, the following crash is thrown: error: synchronous external abort: 0000000096000010 [#1] PREEMPT SMP Workqueue: eventsunbound deferredprobeworkfunc pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : clkmuxgetparent+0x60/0x90 lr : clkcorereparentorphansnolock+0x58/0xd8 Call trace: clkmuxgetparent+0x60/0x90 clkcorereparentorphansnolock+0x58/0xd8 ofclkaddhwprovider.part.0+0x90/0x100 ofclkaddhwprovider+0x1c/0x38 imx95bcprobe+0x2e0/0x3f0 platformprobe+0x70/0xd8 Enabling runtime PM without explicitly resuming the device caused the power domain cut off after clkregister() is called. As a result, a crash happens when the clock hardware provider is added and attempts to access the BLKCTL register. Fix this by using devmpmruntimeenable() instead of pmruntimeenable() and getting rid of the pmruntimedisable() in the cleanup path.
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.16.3-1