CVE-2025-39752
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-11

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ARM: rockchip: fix kernel hang during smp initialization In order to bring up secondary CPUs main CPU write trampoline code to SRAM. The trampoline code is written while secondary CPUs are powered on (at least that true for RK3188 CPU). Sometimes that leads to kernel hang. Probably because secondary CPU execute trampoline code while kernel doesn't expect. The patch moves SRAM initialization step to the point where all secondary CPUs are powered down. That fixes rarely hangs on RK3188: [ 0.091568] CPU0: thread -1, cpu 0, socket 0, mpidr 80000000 [ 0.091996] rockchip_smp_prepare_cpus: ncores 4
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-11
Last Modified
2025-11-03
Generated
2026-05-07
AI Q&A
2025-09-11
EPSS Evaluated
2026-05-05
NVD
CVE-2025-39752
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel 5.10.244
linux linux_kernel 6.1.153
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel on ARM rockchip platforms, specifically affecting the RK3188 CPU. During the initialization of secondary CPUs (SMP initialization), the main CPU writes trampoline code to SRAM while the secondary CPUs are powered on. This can cause the kernel to hang because the secondary CPUs might execute the trampoline code unexpectedly. The fix involves moving the SRAM initialization to a point where all secondary CPUs are powered down, preventing the kernel hang.


How can this vulnerability impact me? :

This vulnerability can cause the Linux kernel to hang during the startup process on affected ARM rockchip devices, particularly those using the RK3188 CPU. A kernel hang means the system could become unresponsive or fail to boot properly, leading to potential downtime or disruption of services on affected devices.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability manifests as a kernel hang during SMP initialization on ARM Rockchip platforms, particularly RK3188 CPUs. Detection can be done by monitoring system boot logs for messages indicating hangs or issues during CPU initialization, such as lines similar to '[ 0.091568] CPU0: thread -1, cpu 0, socket 0, mpidr 80000000' and '[ 0.091996] rockchip_smp_prepare_cpus: ncores 4'. You can check the kernel log using commands like 'dmesg | grep rockchip_smp_prepare_cpus' or 'dmesg | grep CPU' to look for related messages during boot. Additionally, observing system hangs or freezes during boot on affected hardware may indicate this issue.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability is fixed by a kernel patch that moves the SRAM initialization step to after all secondary CPUs are powered down, preventing kernel hangs during SMP initialization. Immediate mitigation involves updating the Linux kernel on affected ARM Rockchip devices (such as RK3188) to a version that includes this fix. If updating is not immediately possible, avoiding workloads or configurations that trigger secondary CPU initialization during boot may reduce the chance of hangs, but the primary mitigation is applying the patched kernel.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart