CVE-2025-68370

Summary

In the Linux kernel, the following vulnerability has been resolved:

coresight: tmc: add the handle of the event to the path

The handle is essential for retrieving the AUX_EVENT of each CPU and is required in perf mode. It has been added to the coresight_path so that dependent devices can access it from the path when needed.

The existing bug can be reproduced with: perf record -e cs_etm//k -C 0-9 dd if=/dev/zero of=/dev/null

Showing an oops as follows: Unable to handle kernel paging request at virtual address 000f6e84934ed19e

Call trace: tmc_etr_get_buffer+0x30/0x80 [coresight_tmc] (P) catu_enable_hw+0xbc/0x3d0 [coresight_catu] catu_enable+0x70/0xe0 [coresight_catu] coresight_enable_path+0xb0/0x258 [coresight]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux080ee83cc361451a7de7b5486c7f96ce454f7203 < faa8f38f7ccb344ace2c1f364efc70e3a12d32f3affected
LinuxLinux080ee83cc361451a7de7b5486c7f96ce454f7203 < d0c9effd82f2c19b92acd07d357fac5f392d549aaffected
LinuxLinux080ee83cc361451a7de7b5486c7f96ce454f7203 < aaa5abcc9d44d2c8484f779ab46d242d774cabcbaffected
LinuxLinux6.15affected
LinuxLinux0 < 6.15unaffected
LinuxLinux6.17.13 <= 6.17.*unaffected
LinuxLinux6.18.2 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References