CVE-2025-21684

5.5

MEDIUM CVSS 3.1

Xilinx GPIO Lock Violation Vulnerability

Overview
Vulnerability Timeline

Description

In the Linux kernel, the following vulnerability has been resolved: gpio: xilinx: Convert gpio_lock to raw spinlock irq_chip functions may be called in raw spinlock context. Therefore, we must also use a raw spinlock for our own internal locking. This fixes the following lockdep splat: [ 5.349336] ============================= [ 5.353349] [ BUG: Invalid wait context ] [ 5.357361] 6.13.0-rc5+ #69 Tainted: G W [ 5.363031] ----------------------------- [ 5.367045] kworker/u17:1/44 is trying to lock: [ 5.371587] ffffff88018b02c0 (&chip->gpio_lock){....}-{3:3}, at: xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8)) [ 5.380079] other info that might help us debug this: [ 5.385138] context-{5:5} [ 5.387762] 5 locks held by kworker/u17:1/44: [ 5.392123] #0: ffffff8800014958 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3204) [ 5.402260] #1: ffffffc082fcbdd8 (deferred_probe_work){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3205) [ 5.411528] #2: ffffff880172c900 (&dev->mutex){....}-{4:4}, at: __device_attach (drivers/base/dd.c:1006) [ 5.419929] #3: ffffff88039c8268 (request_class#2){+.+.}-{4:4}, at: __setup_irq (kernel/irq/internals.h:156 kernel/irq/manage.c:1596) [ 5.428331] #4: ffffff88039c80c8 (lock_class#2){....}-{2:2}, at: __setup_irq (kernel/irq/manage.c:1614) [ 5.436472] stack backtrace: [ 5.439359] CPU: 2 UID: 0 PID: 44 Comm: kworker/u17:1 Tainted: G W 6.13.0-rc5+ #69 [ 5.448690] Tainted: [W]=WARN [ 5.451656] Hardware name: xlnx,zynqmp (DT) [ 5.455845] Workqueue: events_unbound deferred_probe_work_func [ 5.461699] Call trace: [ 5.464147] show_stack+0x18/0x24 C [ 5.467821] dump_stack_lvl (lib/dump_stack.c:123) [ 5.471501] dump_stack (lib/dump_stack.c:130) [ 5.474824] __lock_acquire (kernel/locking/lockdep.c:4828 kernel/locking/lockdep.c:4898 kernel/locking/lockdep.c:5176) [ 5.478758] lock_acquire (arch/arm64/include/asm/percpu.h:40 kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851 kernel/locking/lockdep.c:5814) [ 5.482429] _raw_spin_lock_irqsave (include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162) [ 5.486797] xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8)) [ 5.490737] irq_enable (kernel/irq/internals.h:236 kernel/irq/chip.c:170 kernel/irq/chip.c:439 kernel/irq/chip.c:432 kernel/irq/chip.c:345) [ 5.494060] __irq_startup (kernel/irq/internals.h:241 kernel/irq/chip.c:180 kernel/irq/chip.c:250) [ 5.497645] irq_startup (kernel/irq/chip.c:270) [ 5.501143] __setup_irq (kernel/irq/manage.c:1807) [ 5.504728] request_threaded_irq (kernel/irq/manage.c:2208)

INFO

Published Date :

Feb. 9, 2025, 12:15 p.m.

Last Modified :

March 13, 2025, 1:15 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Products

The following products are affected by CVE-2025-21684 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product	Action
1	Linux	linux_kernel

: Total Affected Vendor : 1 | Products : 1

CVSS Scores

The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.

Score	Version	Severity	Vector	Exploitability Score	Impact Score	Source
	CVSS 3.1	MEDIUM				[email protected]

Solution

Update the Linux kernel to address a race condition in the GPIO driver.

Update the Linux kernel to the latest version.
Apply the provided patch to the kernel source.
Recompile and install the kernel.
Reboot the system to load the new kernel.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-21684.

URL	Resource
https://git.kernel.org/stable/c/9860370c2172704b6b4f0075a0c2a29fd84af96a	Patch
https://git.kernel.org/stable/c/9c035105c5537d2ecad6b9415e9417a1ffbd0a62	Patch
https://git.kernel.org/stable/c/b0111650ee596219bb5defa0ce1a1308e6e77ccf	Patch
https://git.kernel.org/stable/c/d25041d4a3b2af64c888cf762362b2528ba59294
https://git.kernel.org/stable/c/f0ed2d0abc021f56fa27dc6d0770535c1851a43b

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-21684 is associated with the following CWEs:

CWE-667: Improper Locking

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-21684 weaknesses.

CAPEC-25: Forced Deadlock Forced Deadlock CAPEC-26: Leveraging Race Conditions Leveraging Race Conditions CAPEC-27: Leveraging Race Conditions via Symbolic Links Leveraging Race Conditions via Symbolic Links

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-21684 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2025-21684 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mar. 13, 2025

Action	Type	Old Value	New Value
Added	Reference		https://git.kernel.org/stable/c/d25041d4a3b2af64c888cf762362b2528ba59294

CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Feb. 21, 2025

Action	Type	Old Value	New Value
Added	Reference		https://git.kernel.org/stable/c/f0ed2d0abc021f56fa27dc6d0770535c1851a43b

Initial Analysis by [email protected]

Feb. 11, 2025

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Added	CWE		NIST CWE-667
Added	CPE Configuration		OR cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.12 up to (excluding) 6.6.74 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.7 up to (excluding) 6.12.11 cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::* cpe:2.3:o:linux:linux_kernel:6.13:rc2::::::* cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::* cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::* cpe:2.3:o:linux:linux_kernel:6.13:rc5::::::* cpe:2.3:o:linux:linux_kernel:6.13:rc6::::::* cpe:2.3:o:linux:linux_kernel:6.13:rc7::::::*
Changed	Reference Type	https://git.kernel.org/stable/c/9860370c2172704b6b4f0075a0c2a29fd84af96a No Types Assigned	https://git.kernel.org/stable/c/9860370c2172704b6b4f0075a0c2a29fd84af96a Patch
Changed	Reference Type	https://git.kernel.org/stable/c/9c035105c5537d2ecad6b9415e9417a1ffbd0a62 No Types Assigned	https://git.kernel.org/stable/c/9c035105c5537d2ecad6b9415e9417a1ffbd0a62 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/b0111650ee596219bb5defa0ce1a1308e6e77ccf No Types Assigned	https://git.kernel.org/stable/c/b0111650ee596219bb5defa0ce1a1308e6e77ccf Patch

New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Feb. 09, 2025

Action	Type	New Value
Added	Description	In the Linux kernel, the following vulnerability has been resolved: gpio: xilinx: Convert gpio_lock to raw spinlock irq_chip functions may be called in raw spinlock context. Therefore, we must also use a raw spinlock for our own internal locking. This fixes the following lockdep splat: [ 5.349336] ============================= [ 5.353349] [ BUG: Invalid wait context ] [ 5.357361] 6.13.0-rc5+ #69 Tainted: G W [ 5.363031] ----------------------------- [ 5.367045] kworker/u17:1/44 is trying to lock: [ 5.371587] ffffff88018b02c0 (&chip->gpio_lock){....}-{3:3}, at: xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8)) [ 5.380079] other info that might help us debug this: [ 5.385138] context-{5:5} [ 5.387762] 5 locks held by kworker/u17:1/44: [ 5.392123] #0: ffffff8800014958 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3204) [ 5.402260] #1: ffffffc082fcbdd8 (deferred_probe_work){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3205) [ 5.411528] #2: ffffff880172c900 (&dev->mutex){....}-{4:4}, at: __device_attach (drivers/base/dd.c:1006) [ 5.419929] #3: ffffff88039c8268 (request_class#2){+.+.}-{4:4}, at: __setup_irq (kernel/irq/internals.h:156 kernel/irq/manage.c:1596) [ 5.428331] #4: ffffff88039c80c8 (lock_class#2){....}-{2:2}, at: __setup_irq (kernel/irq/manage.c:1614) [ 5.436472] stack backtrace: [ 5.439359] CPU: 2 UID: 0 PID: 44 Comm: kworker/u17:1 Tainted: G W 6.13.0-rc5+ #69 [ 5.448690] Tainted: [W]=WARN [ 5.451656] Hardware name: xlnx,zynqmp (DT) [ 5.455845] Workqueue: events_unbound deferred_probe_work_func [ 5.461699] Call trace: [ 5.464147] show_stack+0x18/0x24 C [ 5.467821] dump_stack_lvl (lib/dump_stack.c:123) [ 5.471501] dump_stack (lib/dump_stack.c:130) [ 5.474824] __lock_acquire (kernel/locking/lockdep.c:4828 kernel/locking/lockdep.c:4898 kernel/locking/lockdep.c:5176) [ 5.478758] lock_acquire (arch/arm64/include/asm/percpu.h:40 kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851 kernel/locking/lockdep.c:5814) [ 5.482429] _raw_spin_lock_irqsave (include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162) [ 5.486797] xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8)) [ 5.490737] irq_enable (kernel/irq/internals.h:236 kernel/irq/chip.c:170 kernel/irq/chip.c:439 kernel/irq/chip.c:432 kernel/irq/chip.c:345) [ 5.494060] __irq_startup (kernel/irq/internals.h:241 kernel/irq/chip.c:180 kernel/irq/chip.c:250) [ 5.497645] irq_startup (kernel/irq/chip.c:270) [ 5.501143] __setup_irq (kernel/irq/manage.c:1807) [ 5.504728] request_threaded_irq (kernel/irq/manage.c:2208)
Added	Reference	https://git.kernel.org/stable/c/9860370c2172704b6b4f0075a0c2a29fd84af96a
Added	Reference	https://git.kernel.org/stable/c/9c035105c5537d2ecad6b9415e9417a1ffbd0a62
Added	Reference	https://git.kernel.org/stable/c/b0111650ee596219bb5defa0ce1a1308e6e77ccf

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CVE-2025-21684

Xilinx GPIO Lock Violation Vulnerability

Description

INFO

Feb. 9, 2025, 12:15 p.m.

March 13, 2025, 1:15 p.m.

No

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Products

CVSS Scores

Solution

References to Advisories, Solutions, and Tools

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Initial Analysis by [email protected]

New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Vulnerability Scoring Details

Base CVSS Score: 5.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable