Kernel Vulnerability in Linux Affecting Cortex-A76 Processor from Linux Vendor
CVE-2022-49888

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2025

Summary

A vulnerability in the Linux kernel related to the Cortex-A76 processor can lead to stack overflow conditions. The issue arises when the cortex_a76_erratum_1463225_debug_handler() function is probed during the handling of debug exceptions. When this occurs, a series of recursive exceptions can be triggered, resulting in a kernel panic. This issue has been identified as a regression from an earlier patch that inadvertently removed essential annotations preventing probing of the function, subsequently allowing conditions leading to a kernel stack overflow.

Affected Version(s)

Linux 6459b8469753e9feaa8b34691d097cffad905931 < 71d6c33fe223255f4416a01514da2c0bc3e283e7

Linux 6459b8469753e9feaa8b34691d097cffad905931

Linux 6459b8469753e9feaa8b34691d097cffad905931 < 024f4b2e1f874934943eb2d3d288ebc52c79f55c

References

https://git.kernel.org/stable/c/71d6c33fe223255f4416a0151...

https://git.kernel.org/stable/c/db66629d43b2d12cb43b004a4...

https://git.kernel.org/stable/c/024f4b2e1f874934943eb2d3d...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 1, 2025
Vulnerability Reserved
May 1, 2025