Kernel Panic Vulnerability in Linux Kernel Affecting ARM NI Devices
CVE-2025-38168

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 July 2025

What is CVE-2025-38168?

A vulnerability was identified in the Linux kernel related to the performance monitoring unit (PMU) management for ARM NI devices. When resource allocation fails in a clock domain of the NI device, the system fails to correctly rollback previously registered PMUs across other domains. This oversight can lead to severe stability issues, including kernel panics, compromising the system's reliability. The vulnerability manifests as a corruption of the linked list structure within the kernel, which could result in a fatal exception and disrupt the normal operation of affected systems.

Affected Version(s)

Linux 4d5a7680f2b4d0c2955e1d9f9a594b050d637436 < 7e958e116e3be05a1f869b5a885fc5d674c7725f

Linux 4d5a7680f2b4d0c2955e1d9f9a594b050d637436 < 72caf9886e9c1731cf7bfe3eabc308b9268b21d6

Linux 4d5a7680f2b4d0c2955e1d9f9a594b050d637436 < 7f57afde6a44d9e044885e1125034edd4fda02e8

References

https://git.kernel.org/stable/c/7e958e116e3be05a1f869b5a8...

https://git.kernel.org/stable/c/72caf9886e9c1731cf7bfe3ea...

https://git.kernel.org/stable/c/7f57afde6a44d9e044885e112...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2025
Vulnerability Reserved
Apr 16, 2025