{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39722", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.117Z", "datePublished": "2025-09-05T17:21:29.924Z", "dateUpdated": "2025-09-29T05:58:09.333Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-29T05:58:09.333Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP\n\nSince the CAAM on these SoCs is managed by another ARM core, called the\nSECO (Security Controller) on iMX8QM and Secure Enclave on iMX8ULP, which\nalso reserves access to register page 0 suspend operations cannot touch\nthis page.\n\nThis is similar to when running OPTEE, where OPTEE will reserve page 0.\n\nTrack this situation using a new state variable no_page0, reflecting if\npage 0 is reserved elsewhere, either by other management cores in SoC or\nby OPTEE.\n\nReplace the optee_en check in suspend/resume with the new check.\n\noptee_en cannot go away as it's needed elsewhere to gate OPTEE specific\nsituations.\n\nFixes the following splat at suspend:\n\n Internal error: synchronous external abort: 0000000096000010 [#1] SMP\n Hardware name: Freescale i.MX8QXP ACU6C (DT)\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : readl+0x0/0x18\n lr : rd_reg32+0x18/0x3c\n sp : ffffffc08192ba20\n x29: ffffffc08192ba20 x28: ffffff8025190000 x27: 0000000000000000\n x26: ffffffc0808ae808 x25: ffffffc080922338 x24: ffffff8020e89090\n x23: 0000000000000000 x22: ffffffc080922000 x21: ffffff8020e89010\n x20: ffffffc080387ef8 x19: ffffff8020e89010 x18: 000000005d8000d5\n x17: 0000000030f35963 x16: 000000008f785f3f x15: 000000003b8ef57c\n x14: 00000000c418aef8 x13: 00000000f5fea526 x12: 0000000000000001\n x11: 0000000000000002 x10: 0000000000000001 x9 : 0000000000000000\n x8 : ffffff8025190870 x7 : ffffff8021726880 x6 : 0000000000000002\n x5 : ffffff80217268f0 x4 : ffffff8021726880 x3 : ffffffc081200000\n x2 : 0000000000000001 x1 : ffffff8020e89010 x0 : ffffffc081200004\n Call trace:\n readl+0x0/0x18\n caam_ctrl_suspend+0x30/0xdc\n dpm_run_callback.constprop.0+0x24/0x5c\n device_suspend+0x170/0x2e8\n dpm_suspend+0xa0/0x104\n dpm_suspend_start+0x48/0x50\n suspend_devices_and_enter+0x7c/0x45c\n pm_suspend+0x148/0x160\n state_store+0xb4/0xf8\n kobj_attr_store+0x14/0x24\n sysfs_kf_write+0x38/0x48\n kernfs_fop_write_iter+0xb4/0x178\n vfs_write+0x118/0x178\n ksys_write+0x6c/0xd0\n __arm64_sys_write+0x14/0x1c\n invoke_syscall.constprop.0+0x64/0xb0\n do_el0_svc+0x90/0xb0\n el0_svc+0x18/0x44\n el0t_64_sync_handler+0x88/0x124\n el0t_64_sync+0x150/0x154\n Code: 88dffc21 88dffc21 5ac00800 d65f03c0 (b9400000)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/caam/ctrl.c", "drivers/crypto/caam/intern.h"], "versions": [{"version": "d2835701d93cae6d597672ef9dc3fa889867031a", "lessThan": "f9534674ce53f133c91c272f091f0242932574ae", "status": "affected", "versionType": "git"}, {"version": "d2835701d93cae6d597672ef9dc3fa889867031a", "lessThan": "488ed465e579a20485f38080e4ef8b90b69ef7c0", "status": "affected", "versionType": "git"}, {"version": "d2835701d93cae6d597672ef9dc3fa889867031a", "lessThan": "5ffc47feddcf8eb4d8ac7b42111a02c8e8146512", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/caam/ctrl.c", "drivers/crypto/caam/intern.h"], "versions": [{"version": "6.10", "status": "affected"}, {"version": "0", "lessThan": "6.10", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.44", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.4", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.10", "versionEndExcluding": "6.12.44"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.10", "versionEndExcluding": "6.16.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.10", "versionEndExcluding": "6.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f9534674ce53f133c91c272f091f0242932574ae"}, {"url": "https://git.kernel.org/stable/c/488ed465e579a20485f38080e4ef8b90b69ef7c0"}, {"url": "https://git.kernel.org/stable/c/5ffc47feddcf8eb4d8ac7b42111a02c8e8146512"}], "title": "crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP\n\nSince the CAAM on these SoCs is managed by another ARM core, called the\nSECO (Security Controller) on iMX8QM and Secure Enclave on iMX8ULP, which\nalso reserves access to register page 0 suspend operations cannot touch\nthis page.\n\nThis is similar to when running OPTEE, where OPTEE will reserve page 0.\n\nTrack this situation using a new state variable no_page0, reflecting if\npage 0 is reserved elsewhere, either by other management cores in SoC or\nby OPTEE.\n\nReplace the optee_en check in suspend/resume with the new check.\n\noptee_en cannot go away as it's needed elsewhere to gate OPTEE specific\nsituations.\n\nFixes the following splat at suspend:\n\n Internal error: synchronous external abort: 0000000096000010 [#1] SMP\n Hardware name: Freescale i.MX8QXP ACU6C (DT)\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : readl+0x0/0x18\n lr : rd_reg32+0x18/0x3c\n sp : ffffffc08192ba20\n x29: ffffffc08192ba20 x28: ffffff8025190000 x27: 0000000000000000\n x26: ffffffc0808ae808 x25: ffffffc080922338 x24: ffffff8020e89090\n x23: 0000000000000000 x22: ffffffc080922000 x21: ffffff8020e89010\n x20: ffffffc080387ef8 x19: ffffff8020e89010 x18: 000000005d8000d5\n x17: 0000000030f35963 x16: 000000008f785f3f x15: 000000003b8ef57c\n x14: 00000000c418aef8 x13: 00000000f5fea526 x12: 0000000000000001\n x11: 0000000000000002 x10: 0000000000000001 x9 : 0000000000000000\n x8 : ffffff8025190870 x7 : ffffff8021726880 x6 : 0000000000000002\n x5 : ffffff80217268f0 x4 : ffffff8021726880 x3 : ffffffc081200000\n x2 : 0000000000000001 x1 : ffffff8020e89010 x0 : ffffffc081200004\n Call trace:\n readl+0x0/0x18\n caam_ctrl_suspend+0x30/0xdc\n dpm_run_callback.constprop.0+0x24/0x5c\n device_suspend+0x170/0x2e8\n dpm_suspend+0xa0/0x104\n dpm_suspend_start+0x48/0x50\n suspend_devices_and_enter+0x7c/0x45c\n pm_suspend+0x148/0x160\n state_store+0xb4/0xf8\n kobj_attr_store+0x14/0x24\n sysfs_kf_write+0x38/0x48\n kernfs_fop_write_iter+0xb4/0x178\n vfs_write+0x118/0x178\n ksys_write+0x6c/0xd0\n __arm64_sys_write+0x14/0x1c\n invoke_syscall.constprop.0+0x64/0xb0\n do_el0_svc+0x90/0xb0\n el0_svc+0x18/0x44\n el0t_64_sync_handler+0x88/0x124\n el0t_64_sync+0x150/0x154\n Code: 88dffc21 88dffc21 5ac00800 d65f03c0 (b9400000)"}], "id": "CVE-2025-39722", "lastModified": "2025-09-08T16:25:38.810", "metrics": {}, "published": "2025-09-05T18:15:49.910", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/488ed465e579a20485f38080e4ef8b90b69ef7c0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5ffc47feddcf8eb4d8ac7b42111a02c8e8146512"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f9534674ce53f133c91c272f091f0242932574ae"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP", "id": "2393505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393505"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-39722", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-39722\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-39722\nhttps://lore.kernel.org/linux-cve-announce/2025090552-CVE-2025-39722-db08@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-09-06T09:01:38.528595+00:00", "updated": "2025-09-06T09:01:38.528646+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}