CVE-2025-22012Improper Locking in Linux

CWE-667Improper LockingCWE-20Improper Input Validation5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 82.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedApr 8

Description

In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: dts: qcom: sdm845: Affirm IDR0.CCTW on apps_smmu" There are reports that the pagetable walker cache coherency is not a given across the spectrum of SDM845/850 devices, leading to lock-ups and resets. It works fine on some devices (like the Dragonboard 845c, but not so much on the Lenovo Yoga C630). This unfortunately looks like a fluke in firmware development, where likely somewhere in the vast hypervisor stack

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel6.136.13.9+1
CVEListV5linux/linux6b31a9744b8726c69bb0af290f8475a368a4b8059e6e9fc90258a318d30b417bcccda908bb82ee9d+2
debiandebian/linux

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2025-22012: In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: dts: qcom: sdm845: Affirm IDR02025-04-08
GHSA
GHSA-mmrm-hwxf-8j92: In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: dts: qcom: sdm845: Affirm IDR02025-04-08

📋Vendor Advisories

2
Red Hat
kernel: Revert "arm64: dts: qcom: sdm845: Affirm IDR0.CCTW on apps_smmu"2025-04-08
Debian
CVE-2025-22012: linux - In the Linux kernel, the following vulnerability has been resolved: Revert "arm...2025
CVE-2025-22012 — Improper Locking in Linux | cvebase