CVE-2025-21645

Summary

In the Linux kernel, the following vulnerability has been resolved:

platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it

Wakeup for IRQ1 should be disabled only in cases where i8042 had actually enabled it, otherwise "wake_depth" for this IRQ will try to drop below zero and there will be an unpleasant WARN() logged:

kernel: atkbd serio0: Disabling IRQ1 wakeup source to avoid platform firmware bug kernel: ————[ cut here ]———— kernel: Unbalanced IRQ 1 wake disable kernel: WARNING: CPU: 10 PID: 6431 at kernel/irq/manage.c:920 irq_set_irq_wake+0x147/0x1a0

The PMC driver uses DEFINE_SIMPLE_DEV_PM_OPS() to define its dev_pm_ops which sets amd_pmc_suspend_handler() to the .suspend, .freeze, and .poweroff handlers. i8042_pm_suspend(), however, is only set as the .suspend handler.

Fix the issue by call PMC suspend handler only from the same set of dev_pm_ops handlers as i8042_pm_suspend(), which currently means just the .suspend handler.

To reproduce this issue try hibernating (S4) the machine after a fresh boot without putting it into s2idle first.

[ij: edited the commit message.]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux72e5a83b7c8401856cc3732150af24e43726717a < ab47d72b736e78d3c2370b26e0bfc46eb0918391affected
LinuxLinux8e60615e8932167057b363c11a7835da7f007106 < 5cc621085e2b7a9b1905a98f8e5a86bb4aea2016affected
LinuxLinux8e60615e8932167057b363c11a7835da7f007106 < b25778c87a6bce40c31e92364f08aa6240309e25affected
LinuxLinux8e60615e8932167057b363c11a7835da7f007106 < dd410d784402c5775f66faf8b624e85e41c38aafaffected
LinuxLinux3fc9dc0340e0b5df8059313537b55f82c1e84e94affected
LinuxLinux6.1.11 < 6.1.140affected
LinuxLinux5.15.95 < 5.16affected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.1.140 <= 6.1.*unaffected
LinuxLinux6.6.72 <= 6.6.*unaffected
LinuxLinux6.12.10 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References