CVE-2025-37901

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/05/2025
Last modified:
21/05/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs<br /> <br /> On Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not<br /> have a corresponding MPM pin and should not be handled inside the MPM<br /> driver. The IRQ domain hierarchy is always applied, so it&amp;#39;s required to<br /> explicitly disconnect the hierarchy for those. The pinctrl-msm driver marks<br /> these with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but<br /> irq-qcom-mpm is currently missing the check. This is causing crashes when<br /> setting up interrupts for non-wake GPIOs:<br /> <br /> root@rb1:~# gpiomon -c gpiochip1 10<br /> irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1<br /> Unable to handle kernel paging request at virtual address ffff8000a1dc3820<br /> Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)<br /> pc : mpm_set_type+0x80/0xcc<br /> lr : mpm_set_type+0x5c/0xcc<br /> Call trace:<br /> mpm_set_type+0x80/0xcc (P)<br /> qcom_mpm_set_type+0x64/0x158<br /> irq_chip_set_type_parent+0x20/0x38<br /> msm_gpio_irq_set_type+0x50/0x530<br /> __irq_set_trigger+0x60/0x184<br /> __setup_irq+0x304/0x6bc<br /> request_threaded_irq+0xc8/0x19c<br /> edge_detector_setup+0x260/0x364<br /> linereq_create+0x420/0x5a8<br /> gpio_ioctl+0x2d4/0x6c0<br /> <br /> Fix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that<br /> MPM is removed entirely from the hierarchy for non-wake GPIOs.

Impact