CVE-2025-39681
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper
Since
923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot")
resctrl_cpu_detect() has been moved from common CPU initialization code to the vendor-specific BSP init helper, while Hygon didn't put that call in their code.
This triggers a division by zero fault during early booting stage on our machines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries to calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale.
Add the missing resctrl_cpu_detect() in the Hygon BSP init helper.
[ bp: Massage commit message. ]
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9 < 62f12cde10118253348a7540e85606869bd69432 | affected |
| Linux | Linux | 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9 < 873f32201df8876bdb2563e3187e79149427cab4 | affected |
| Linux | Linux | 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9 < fb81222c1559f89bfe3aa1010f6d112531d55353 | affected |
| Linux | Linux | 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9 < 7207923d8453ebfb35667c1736169f2dd796772e | affected |
| Linux | Linux | 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9 < a9e5924daa954c9f585c1ca00358afe71d6781c4 | affected |
| Linux | Linux | 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9 < d23264c257a70dbe021b43b3bc2ee16134cd2c69 | affected |
| Linux | Linux | 923f3a2b48bdccb6a1d1f0dd48de03de7ad936d9 < d8df126349dad855cdfedd6bbf315bad2e901c2f | affected |
| Linux | Linux | 5.8 | affected |
| Linux | Linux | 0 < 5.8 | unaffected |
| Linux | Linux | 5.10.242 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.190 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.149 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.103 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.44 <= 6.12.* | unaffected |
| Linux | Linux | 6.16.4 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Additional References
References
- https://git.kernel.org/stable/c/62f12cde10118253348a7540e85606869bd69432
- https://git.kernel.org/stable/c/873f32201df8876bdb2563e3187e79149427cab4
- https://git.kernel.org/stable/c/fb81222c1559f89bfe3aa1010f6d112531d55353
- https://git.kernel.org/stable/c/7207923d8453ebfb35667c1736169f2dd796772e
- https://git.kernel.org/stable/c/a9e5924daa954c9f585c1ca00358afe71d6781c4
- https://git.kernel.org/stable/c/d23264c257a70dbe021b43b3bc2ee16134cd2c69
- https://git.kernel.org/stable/c/d8df126349dad855cdfedd6bbf315bad2e901c2f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.