CVE-2025-68370
Kernel Paging Fault in Linux coresight_tmc Causes System Crash
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the tmc component of the Linux kernel's coresight subsystem. In perf mode, the handle needed to retrieve the AUX_EVENT of each CPU was missing from the coresight_path, so running certain perf record commands caused a kernel oops (crash). The fix adds the event handle to the path so that dependent devices can access it correctly.
How can this vulnerability impact me?
This vulnerability can cause the Linux kernel to crash (kernel oops) when using perf record with certain events, potentially leading to system instability or denial of service during performance monitoring activities.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by reproducing the bug using the command: perf record -e cs_etm//k -C 0-9 dd if=/dev/zero of=/dev/null. If the system shows a kernel oops with a message similar to 'Unable to handle kernel paging request at virtual address ...' and a call trace involving coresight_tmc and coresight_catu modules, it indicates the presence of the vulnerability.
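An added example, not part of the original page or the kernel project: a check that scans kernel log text for the oops signature described above, so existing logs can be reviewed without re-running the reproducer. Only the message text and the two module names come from the page; the sample log lines and the placeholder_fn_* symbols are constructed.

```python
import re
import sys

# Signature from the page: the oops message plus call-trace frames in both modules.
OOPS_START = re.compile(r"Unable to handle kernel paging request at virtual address")
OOPS_END = re.compile(r"---\[ end trace")
# A call-trace frame looks like "symbol+0xOFF/0xLEN [module]". The
# "Modules linked in:" line has no brackets, so modules that are merely
# loaded do not count as being involved in the crash.
FRAME_MODULE = re.compile(r"\S+\+0x[0-9a-f]+/0x[0-9a-f]+ \[(\w+)\]")
REQUIRED = {"coresight_tmc", "coresight_catu"}

# Constructed sample log (addresses and symbol names are placeholders).
SAMPLE_LOG = """\
[  101.000001] Unable to handle kernel paging request at virtual address 0000000000001000
[  101.000002] Modules linked in: coresight_tmc coresight_catu
[  101.000003] Call trace:
[  101.000004]  placeholder_fn_a+0x0/0x0 [coresight_tmc]
[  101.000005]  placeholder_fn_b+0x0/0x0 [coresight_catu]
[  101.000006] ---[ end trace 0000000000000000 ]---
[  202.000001] Unable to handle kernel paging request at virtual address 0000000000002000
[  202.000002] Modules linked in: coresight_tmc coresight_catu other_drv
[  202.000003] Call trace:
[  202.000004]  placeholder_fn_c+0x0/0x0 [other_drv]
[  202.000005] ---[ end trace 0000000000000000 ]---
"""

def find_coresight_oops(log_text):
    """Return paging-request oops reports whose call trace has frames in both modules."""
    reports, current = [], None
    for line in log_text.splitlines():
        if OOPS_START.search(line):
            # A new report starts here, even if the previous one was truncated.
            current = {"header": line.strip(), "modules": set()}
            reports.append(current)
        elif current is not None:
            current["modules"].update(FRAME_MODULE.findall(line))
            if OOPS_END.search(line):
                current = None
    return [r for r in reports if REQUIRED <= r["modules"]]

if __name__ == "__main__":
    # Pipe kernel log text on stdin; on a terminal the constructed sample is used.
    text = SAMPLE_LOG if sys.stdin.isatty() else sys.stdin.read()
    for hit in find_coresight_oops(text):
        print("possible CVE-2025-68370 oops:", hit["header"])
```

A match only shows that a crash with this signature was logged; confirming the fix still depends on the running kernel version.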