CVE-2025-38516
BaseFortify

Publication date: 2025-08-16

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

pinctrl: qcom: msm: mark certain pins as invalid for interrupts

On some platforms, the UFS-reset pin has no interrupt logic in TLMM but is nevertheless registered as a GPIO in the kernel. This enables the user-space to trigger a BUG() in the pinctrl-msm driver by running, for example: `gpiomon -c 0 113` on RB2.

The exact culprit is requesting pins whose intr_detection_width setting is not 1 or 2 for interrupts. This hits a BUG() in msm_gpio_irq_set_type(). Potentially crashing the kernel due to an invalid request from user-space is not optimal, so let's go through the pins and mark those that would fail the check as invalid for the irq chip as we should not even register them as available irqs.

This function can be extended if we determine that there are more corner-cases like this.
Meta Information

Published: 2025-08-16

Last Modified: 2025-11-03

Generated: 2026-05-07

AI Q&A: 2025-08-16

EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 5.10.244 |
| linux | linux_kernel | 6.1.153 |
CWE ID Description
CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Linux kernel's pinctrl driver for Qualcomm MSM platforms (pinctrl-msm). Certain pins, such as the UFS-reset pin, are registered as GPIOs but have no interrupt logic in TLMM. When user space requests an interrupt on a pin whose intr_detection_width setting is not 1 or 2, the request hits a BUG() in msm_gpio_irq_set_type(), potentially crashing the system. The fix marks such pins as invalid for the irq chip, so they are never registered as available IRQs and the invalid request can no longer reach the BUG().


How can this vulnerability impact me?

This vulnerability can cause the Linux kernel to crash if user space requests interrupts on pins that do not support them. The result is system instability or denial of service caused by invalid interrupt requests.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

On an affected platform, running a user-space command such as `gpiomon -c 0 113` reproduces the BUG() in the pinctrl-msm driver, which crashes an unpatched kernel. Kernel crashes or BUG() messages that reference msm_gpio_irq_set_type() in system logs also indicate the presence of this issue.
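
The log-monitoring check described above, as an added example that is not part of the original page: it scans kernel log text for BUG() reports whose trace names msm_gpio_irq_set_type(), including a report cut short by the crash itself. The log lines are constructed for illustration, and the name `find_pinctrl_msm_bugs` is an assumption.

```python
import re

# Constructed kernel-log sample (not captured from a device); "NNN" and the
# +0x offsets are placeholders, the third report is cut short by the crash.
SAMPLE_LOG = """\
[   52.000104] kernel BUG at drivers/pinctrl/qcom/pinctrl-msm.c:NNN!
[   52.000131] CPU: 2 PID: 512 Comm: gpiomon Not tainted
[   52.000140] pc : msm_gpio_irq_set_type+0xAAA/0xBBB
[   52.000155]  __irq_set_trigger+0x60/0x170
[   52.000170] ---[ end trace 0000000000000000 ]---
[   97.500004] kernel BUG at fs/example.c:NNN!
[   97.500010] pc : example_fn+0x10/0x20
[   97.500020] ---[ end trace 0000000000000000 ]---
[  120.000004] kernel BUG at drivers/pinctrl/qcom/pinctrl-msm.c:NNN!
[  120.000010] pc : msm_gpio_irq_set_type+0xAAA/0xBBB
"""

STAMP = re.compile(r"^\[\s*(\d+\.\d+)\]\s?(.*)$")
BUG_AT = re.compile(r"kernel BUG at (\S+):\w+!")
COMM = re.compile(r"\bComm: (\S+)")
TARGET = "msm_gpio_irq_set_type+"  # symbol+offset form used in oops traces


def find_pinctrl_msm_bugs(log_text):
    """Return one dict per BUG() report whose trace names TARGET."""
    hits, cur = [], None

    def flush():
        if cur and cur["matched"]:
            hits.append({k: cur[k] for k in ("time", "source", "comm")})

    for raw in log_text.splitlines():
        m = STAMP.match(raw)
        ts, msg = (float(m.group(1)), m.group(2)) if m else (None, raw)
        bug = BUG_AT.search(msg)
        if bug:  # a new report starts; close any report left open
            flush()
            cur = {"time": ts, "source": bug.group(1), "comm": None, "matched": False}
        elif cur:
            comm = COMM.search(msg)
            if comm:
                cur["comm"] = comm.group(1)
            cur["matched"] = cur["matched"] or TARGET in msg
            if "end trace" in msg:
                flush()
                cur = None
    flush()  # a report truncated by the crash never reaches "end trace"
    return hits
```

Pass it the text of `dmesg` output or a saved console log; the `comm` field shows which user-space process made the request when the report includes it.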


What immediate steps should I take to mitigate this vulnerability?

The fix is a kernel patch that marks pins whose intr_detection_width setting is not 1 or 2 as invalid for interrupts, so that they are not registered as available IRQs. Until the kernel is patched, avoid running user-space commands that request such pins for interrupts, such as `gpiomon -c 0 113`.

