CVE-2025-40161

Summary

In the Linux kernel, the following vulnerability has been resolved:

mailbox: zynqmp-ipi: Fix SGI cleanup on unbind

The driver incorrectly determines SGI vs SPI interrupts by checking IRQ number < 16, which fails with dynamic IRQ allocation. During unbind, this causes improper SGI cleanup leading to kernel crash.

Add explicit irq_type field to pdata for reliable identification of SGI interrupts (type-2) and only clean up SGI resources when appropriate.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6ffb1635341bec50fa9540ae7827d1e5d75ae0b0 < 1ee147efee68be00203b1fee6479911debb1edb2affected
LinuxLinux6ffb1635341bec50fa9540ae7827d1e5d75ae0b0 < 32bf7c6e01f5ba17a53ba236a770bd0274cefdf4affected
LinuxLinux6ffb1635341bec50fa9540ae7827d1e5d75ae0b0 < bb160e791ab15b89188a7a19589b8e11f681bef3affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.12.54 <= 6.12.*unaffected
LinuxLinux6.17.4 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References