CVE-2025-23161

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-23161
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-23161.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-23161
Downstream
Related
Published
2025-05-01T13:15:52Z
Modified
2025-08-09T19:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: vmd: Make vmddev::cfglock a rawspinlockt type

The access to the PCI config space via pciops::read and pciops::write is a low-level hardware access. The functions can be accessed with disabled interrupts even on PREEMPTRT. The pcilock is a rawspinlockt for this purpose.

A spinlockt becomes a sleeping lock on PREEMPTRT, so it cannot be acquired with disabled interrupts. The vmddev::cfglock is accessed in the same context as the pci_lock.

Make vmddev::cfglock a rawspinlockt type so it can be used with interrupts disabled.

This was reported as:

BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:48 Call Trace: rtspinlock+0x4e/0x130 vmdpciread+0x8d/0x100 [vmd] pciuserreadconfigbyte+0x6f/0xe0 pcireadconfig+0xfe/0x290 sysfskfbinread+0x68/0x90

[bigeasy: reword commit message] Tested-off-by: Luis Claudio R. Goncalves lgoncalv@redhat.com [kwilczynski: commit log] [bhelgaas: add back report info from https://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]

References

Affected packages