{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-38633", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.030Z", "datePublished": "2025-08-22T16:00:41.434Z", "dateUpdated": "2026-05-11T21:31:59.755Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:31:59.755Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: spacemit: mark K1 pll1_d8 as critical\n\nThe pll1_d8 clock is enabled by the boot loader, and is ultimately a\nparent for numerous clocks, including those used by APB and AXI buses.\nGuodong Xu discovered that this clock got disabled while responding to\ngetting -EPROBE_DEFER when requesting a reset controller.\n\nThe needed clock (CLK_DMA, along with its parents) had already been\nenabled. To respond to the probe deferral return, the CLK_DMA clock\nwas disabled, and this led to parent clocks also reducing their enable\ncount. When the enable count for pll1_d8 was decremented it became 0,\nwhich caused it to be disabled. This led to a system hang.\n\nMarking that clock critical resolves this by preventing it from being\ndisabled.\n\nDefine a new macro CCU_FACTOR_GATE_DEFINE() to allow clock flags to\nbe supplied for a CCU_FACTOR_GATE clock."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/clk/spacemit/ccu-k1.c", "drivers/clk/spacemit/ccu_mix.h"], "versions": [{"version": "1b72c59db0add8e47fa116b21f78ed0b09a264f3", "lessThan": "10948c00e548e9ad2ce9d765baf26dce2d9b806b", "status": "affected", "versionType": "git"}, {"version": "1b72c59db0add8e47fa116b21f78ed0b09a264f3", "lessThan": "7554729de27daf6d54bcf8689d863bbe267828bf", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/clk/spacemit/ccu-k1.c", "drivers/clk/spacemit/ccu_mix.h"], "versions": [{"version": "6.16", "status": "affected"}, {"version": "0", "lessThan": "6.16", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.1", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.16.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/10948c00e548e9ad2ce9d765baf26dce2d9b806b"}, {"url": "https://git.kernel.org/stable/c/7554729de27daf6d54bcf8689d863bbe267828bf"}], "title": "clk: spacemit: mark K1 pll1_d8 as critical", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:*:*:*:*:*:*:*", "matchCriteriaId": "D6BFC4F7-7099-4420-AF39-DD1CEABB8DF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: spacemit: mark K1 pll1_d8 as critical\n\nThe pll1_d8 clock is enabled by the boot loader, and is ultimately a\nparent for numerous clocks, including those used by APB and AXI buses.\nGuodong Xu discovered that this clock got disabled while responding to\ngetting -EPROBE_DEFER when requesting a reset controller.\n\nThe needed clock (CLK_DMA, along with its parents) had already been\nenabled. To respond to the probe deferral return, the CLK_DMA clock\nwas disabled, and this led to parent clocks also reducing their enable\ncount. When the enable count for pll1_d8 was decremented it became 0,\nwhich caused it to be disabled. This led to a system hang.\n\nMarking that clock critical resolves this by preventing it from being\ndisabled.\n\nDefine a new macro CCU_FACTOR_GATE_DEFINE() to allow clock flags to\nbe supplied for a CCU_FACTOR_GATE clock."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: spacemit: marcar K1 pll1_d8 como cr\u00edtico El reloj pll1_d8 es habilitado por el gestor de arranque y, en \u00faltima instancia, es un reloj padre para numerosos relojes, incluidos los que utilizan los buses APB y AXI. Guodong Xu descubri\u00f3 que este reloj se deshabilitaba al responder a la obtenci\u00f3n de -EPROBE_DEFER al solicitar un controlador de reinicio. El reloj necesario (CLK_DMA, junto con sus padres) ya se hab\u00eda habilitado. Para responder al retorno de aplazamiento de la sonda, se deshabilit\u00f3 el reloj CLK_DMA, y esto provoc\u00f3 que los relojes padre tambi\u00e9n redujeran su contador de habilitaciones. Cuando se decrement\u00f3 el contador de habilitaciones para pll1_d8, se convirti\u00f3 en 0, lo que provoc\u00f3 que se deshabilitara. Esto provoc\u00f3 un cuelgue del sistema. Marcar ese reloj como cr\u00edtico resuelve esto evitando que se deshabilite. Defina una nueva macro CCU_FACTOR_GATE_DEFINE() para permitir que se suministren indicadores de reloj para un reloj CCU_FACTOR_GATE."}], "id": "CVE-2025-38633", "lastModified": "2025-11-26T17:11:58.190", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-08-22T16:15:37.173", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/10948c00e548e9ad2ce9d765baf26dce2d9b806b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7554729de27daf6d54bcf8689d863bbe267828bf"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: clk: spacemit: mark K1 pll1_d8 as critical", "id": "2390403", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2390403"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nclk: spacemit: mark K1 pll1_d8 as critical\nThe pll1_d8 clock is enabled by the boot loader, and is ultimately a\nparent for numerous clocks, including those used by APB and AXI buses.\nGuodong Xu discovered that this clock got disabled while responding to\ngetting -EPROBE_DEFER when requesting a reset controller.\nThe needed clock (CLK_DMA, along with its parents) had already been\nenabled. To respond to the probe deferral return, the CLK_DMA clock\nwas disabled, and this led to parent clocks also reducing their enable\ncount. When the enable count for pll1_d8 was decremented it became 0,\nwhich caused it to be disabled. This led to a system hang.\nMarking that clock critical resolves this by preventing it from being\ndisabled.\nDefine a new macro CCU_FACTOR_GATE_DEFINE() to allow clock flags to\nbe supplied for a CCU_FACTOR_GATE clock."], "name": "CVE-2025-38633", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-08-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38633\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38633\nhttps://lore.kernel.org/linux-cve-announce/2025082232-CVE-2025-38633-3b1d@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-08-23T10:55:28.589155+00:00", "updated": "2025-08-23T10:55:28.589229+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}