CVE-2025-38388

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38388
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38388.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38388
Downstream
Published
2025-07-25T12:53:28Z
Modified
2025-10-17T10:09:27.962618Z
Summary
firmware: arm_ffa: Replace mutex with rwlock to avoid sleep in atomic context
Details

In the Linux kernel, the following vulnerability has been resolved:

firmware: arm_ffa: Replace mutex with rwlock to avoid sleep in atomic context

The current use of a mutex to protect the notifier hashtable accesses can lead to issues in the atomic context. It results in the below kernel warnings:

| BUG: sleeping function called from invalid context at kernel/locking/mutex.c:258 | inatomic(): 1, irqsdisabled(): 1, nonblock: 0, pid: 9, name: kworker/0:0 | preemptcount: 1, expected: 0 | RCU nest depth: 0, expected: 0 | CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted 6.14.0 #4 | Workqueue: ffapcpuirqnotification notifpcpuirqworkfn | Call trace: | showstack+0x18/0x24 (C) | dumpstacklvl+0x78/0x90 | dumpstack+0x18/0x24 | _mightresched+0x114/0x170 | _mightsleep+0x48/0x98 | mutexlock+0x24/0x80 | handlenotifcallbacks+0x54/0xe0 | notifgetandhandle+0x40/0x88 | genericexecsingle+0x80/0xc0 | smpcallfunctionsingle+0xfc/0x1a0 | notifpcpuirqworkfn+0x2c/0x38 | processonework+0x14c/0x2b4 | workerthread+0x2e4/0x3e0 | kthread+0x13c/0x210 | retfrom_fork+0x10/0x20

To address this, replace the mutex with an rwlock to protect the notifier hashtable accesses. This ensures that read-side locking does not sleep and multiple readers can acquire the lock concurrently, avoiding unnecessary contention and potential deadlocks. Writer access remains exclusive, preserving correctness.

This change resolves warnings from lockdep about potential sleep in atomic context.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e0573444edbf4ee7e3c191d3d08a4ccbd26628be
Fixed
31405510a48dcf054abfa5b7b8d70ce1b27d1f13
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e0573444edbf4ee7e3c191d3d08a4ccbd26628be
Fixed
8986f8f61b482c0e6efd28f0b2423d9640c20eb1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e0573444edbf4ee7e3c191d3d08a4ccbd26628be
Fixed
9ca7a421229bbdfbe2e1e628cff5cfa782720a10

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.15.3
v6.15.4
v6.15.5
v6.16-rc1
v6.6
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.37
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.15.6