CVE-2025-39681
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-05

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Since 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") resctrl_cpu_detect() has been moved from common CPU initialization code to the vendor-specific BSP init helper, while Hygon didn't put that call in their code. This triggers a division by zero fault during early booting stage on our machines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries to calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale. Add the missing resctrl_cpu_detect() in the Hygon BSP init helper. [ bp: Massage commit message. ]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-05
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-09-05
EPSS Evaluated
2026-06-15
NVD
CVE-2025-39681
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hygon linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel on Hygon CPUs where a function called resctrl_cpu_detect() was not called during the CPU initialization process. This missing call causes a division by zero fault during the early boot stage on machines that support certain CPU monitoring features (X86_FEATURE_CQM*). The fault happens because the system tries to calculate a monitoring configuration using uninitialized data, leading to a crash or failure during boot.

Impact Analysis

The vulnerability can cause a division by zero fault during the early boot process on affected machines, which may prevent the system from booting properly or cause instability during startup. This can lead to system downtime or inability to use the affected hardware until the issue is resolved.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-39681. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart