CVE-2025-68318
BaseFortify
Publication date: 2025-12-16
Last updated on: 2025-12-18
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the AXI crossbar of the TH1520 in the Linux kernel, which lacks proper timeout handling. As a result, gating (disabling) AXI clocks can cause a bus timeout, leading to a system hang. The fix involves setting all AXI clock gates to CLK_IS_CRITICAL to prevent them from being gated unintentionally, and converting CLK_IGNORE_UNUSED usage to CLK_IS_CRITICAL to avoid unwanted clock gating.
How can this vulnerability impact me? :
The vulnerability can cause the system to hang due to bus timeouts when AXI clocks are gated improperly. This can lead to system instability or crashes, affecting the reliability and availability of the affected system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that all AXI clock gates are set to CLK_IS_CRITICAL as per the fix. This prevents gating AXI clocks that can lead to bus timeout and system hang. Additionally, convert all CLK_IGNORE_UNUSED usage to CLK_IS_CRITICAL to prevent unwanted clock gating. Since these clock gates are ungated by default on system reset, verify that your system is running the updated Linux kernel version that includes this fix.