Linux Kernel Vulnerability in CAAM for iMX8QM and iMX8ULP by ARM
CVE-2025-39722

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-39722?

A vulnerability in the Linux kernel has been identified that affects the CAAM component in iMX8QM and iMX8ULP systems. This issue arises during suspend operations, where crashes can occur if page 0 is reserved by another processor core, such as the Security Controller (SECO) in iMX8QM or the Secure Enclave in iMX8ULP. A state variable called no_page0 has been introduced to monitor the reservation status of page 0, enabling a more reliable suspend/resume process. The fix addresses a specific error encountered during system suspend, improving overall system stability and performance.

Affected Version(s)

Linux d2835701d93cae6d597672ef9dc3fa889867031a

Linux d2835701d93cae6d597672ef9dc3fa889867031a < 488ed465e579a20485f38080e4ef8b90b69ef7c0

Linux d2835701d93cae6d597672ef9dc3fa889867031a < 5ffc47feddcf8eb4d8ac7b42111a02c8e8146512

References

https://git.kernel.org/stable/c/f9534674ce53f133c91c272f0...

https://git.kernel.org/stable/c/488ed465e579a20485f38080e...

https://git.kernel.org/stable/c/5ffc47feddcf8eb4d8ac7b421...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2025
Vulnerability Reserved
Apr 16, 2025