目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2025-38104— Linux kernel 安全漏洞

AI 预测 5.5 利用难度: 困难 EPSS 0.15% · P5

影响版本矩阵 18

厂商产品版本范围状态
LinuxLinuxf39a3bc42815a7016a915f6cb35e9a1448788f06< dd450b513718dfeb4c637c9335d51a55ebcd4320affected
1adb5ebe205e96af77a93512e2d5b8c437548787< d1bda2ab0cf956a16dd369a473a6c43dfbed5855affected
e864180ee49b4d30e640fd1e1d852b86411420c9< 07ed75bfa7ede8bfcfa303fd6efc85db1c8684c7affected
e864180ee49b4d30e640fd1e1d852b86411420c9< 1c0378830e42c98acd69e0289882c8637d92f285affected
e864180ee49b4d30e640fd1e1d852b86411420c9< 5c1741a0c176ae11675a64cb7f2dd21d72db6b91affected
e864180ee49b4d30e640fd1e1d852b86411420c9< dc0297f3198bd60108ccbd167ee5d9fa4af31ed0affected
e1ab38e99d1607f80a1670a399511a56464c0253affected
6.1.105< 6.1.162affected
… +10 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2025-38104 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV RLCG Register Access is a way for virtual functions to safely access GPU registers in a virtualized environment., including TLB flushes and register reads. When multiple threads or VFs try to access the same registers simultaneously, it can lead to race conditions. By using the RLCG interface, the driver can serialize access to the registers. This means that only one thread can access the registers at a time, preventing conflicts and ensuring that operations are performed correctly. Additionally, when a low-priority task holds a mutex that a high-priority task needs, ie., If a thread holding a spinlock tries to acquire a mutex, it can lead to priority inversion. register access in amdgpu_virt_rlcg_reg_rw especially in a fast code path is critical. The call stack shows that the function amdgpu_virt_rlcg_reg_rw is being called, which attempts to acquire the mutex. This function is invoked from amdgpu_sriov_wreg, which in turn is called from gmc_v11_0_flush_gpu_tlb. The [ BUG: Invalid wait context ] indicates that a thread is trying to acquire a mutex while it is in a context that does not allow it to sleep (like holding a spinlock). Fixes the below: [ 253.013423] ============================= [ 253.013434] [ BUG: Invalid wait context ] [ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE [ 253.013464] ----------------------------- [ 253.013475] kworker/0:1/10 is trying to lock: [ 253.013487] ffff9f30542e3cf8 (&adev->virt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu] [ 253.013815] other info that might help us debug this: [ 253.013827] context-{4:4} [ 253.013835] 3 locks held by kworker/0:1/10: [ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680 [ 253.013877] #1: ffffb789c008be40 ((work_completion)(&wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680 [ 253.013905] #2: ffff9f3054281838 (&adev->gmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu] [ 253.014154] stack backtrace: [ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14 [ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE [ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024 [ 253.014224] Workqueue: events work_for_cpu_fn [ 253.014241] Call Trace: [ 253.014250] <TASK> [ 253.014260] dump_stack_lvl+0x9b/0xf0 [ 253.014275] dump_stack+0x10/0x20 [ 253.014287] __lock_acquire+0xa47/0x2810 [ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5 [ 253.014321] lock_acquire+0xd1/0x300 [ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu] [ 253.014562] ? __lock_acquire+0xa6b/0x2810 [ 253.014578] __mutex_lock+0x85/0xe20 [ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu] [ 253.014782] ? sched_clock_noinstr+0x9/0x10 [ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5 [ 253.014808] ? local_clock_noinstr+0xe/0xc0 [ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu] [ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5 [ 253.015029] mutex_lock_nested+0x1b/0x30 [ 253.015044] ? mutex_lock_nested+0x1b/0x30 [ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu] [ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu] [ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu] [ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu] [ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu] [ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5 [ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu] [ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu] [ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu] [ 253.0170 ---truncated---
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于RLCG寄存器访问使用互斥锁而非自旋锁,可能导致优先级反转。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux f39a3bc42815a7016a915f6cb35e9a1448788f06 ~ dd450b513718dfeb4c637c9335d51a55ebcd4320 -
LinuxLinux 6.11 -

二、漏洞 CVE-2025-38104 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-38104 的情报信息

登录查看更多情报信息。

CVE-2025-38104 其他参考 (3)

同批安全公告 · Linux · 2025-04-18 · 共 23 条

CVE-2025-38637Linux kernel 安全漏洞
CVE-2025-37785Linux kernel 安全漏洞
CVE-2025-37860Linux kernel 安全漏洞
CVE-2025-37925Linux kernel 安全漏洞
CVE-2025-37893Linux kernel 安全漏洞
CVE-2025-38049Linux kernel 安全漏洞
CVE-2025-38152Linux kernel 安全漏洞
CVE-2025-38240Linux kernel 安全漏洞
CVE-2025-38479Linux kernel 安全漏洞
CVE-2025-38575Linux kernel 安全漏洞
CVE-2025-39688Linux kernel 安全漏洞
CVE-2025-37838Linux kernel 安全漏洞
CVE-2025-39735Linux kernel 安全漏洞
CVE-2025-39728Linux kernel 安全漏洞
CVE-2025-39755Linux kernel 安全漏洞
CVE-2025-39778Linux kernel 安全漏洞
CVE-2025-39930Linux kernel 安全漏洞
CVE-2025-39989Linux kernel 安全漏洞
CVE-2025-40014Linux kernel 安全漏洞
CVE-2025-40114Linux kernel 安全漏洞

显示前 20 条,共 23 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2025-38104

暂无评论


发表评论