CVE-2025-21644

Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 19/01/2025
Last modified: 01/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/xe: Fix tlb invalidation when wedging

If GuC fails to load, the driver wedges, but in the process it tries to do stuff that may not be initialized yet. This moves the xe_gt_tlb_invalidation_init() to be done earlier: as its own doc says, it's a software-only initialization and should have been named with the _early() suffix.

Move it to be called by xe_gt_init_early(), so the locks and seqno are initialized, avoiding a NULL ptr deref when wedging:

    xe 0000:03:00.0: [drm] *ERROR* GT0: load failed: status: Reset = 0, BootROM = 0x50, UKernel = 0x00, MIA = 0x00, Auth = 0x01
    xe 0000:03:00.0: [drm] *ERROR* GT0: firmware signature verification failed
    xe 0000:03:00.0: [drm] *ERROR* CRITICAL: Xe has declared device 0000:03:00.0 as wedged.
    ...
    BUG: kernel NULL pointer dereference, address: 0000000000000000
    #PF: supervisor read access in kernel mode
    #PF: error_code(0x0000) - not-present page
    PGD 0 P4D 0
    Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
    CPU: 9 UID: 0 PID: 3908 Comm: modprobe Tainted: G U W 6.13.0-rc4-xe+ #3
    Tainted: [U]=USER, [W]=WARN
    Hardware name: Intel Corporation Alder Lake Client Platform/AlderLake-S ADP-S DDR5 UDIMM CRB, BIOS ADLSFWI1.R00.3275.A00.2207010640 07/01/2022
    RIP: 0010:xe_gt_tlb_invalidation_reset+0x75/0x110 [xe]

This can be easily triggered by poking the GuC binary to force a signature failure. There will still be an extra message,

    xe 0000:03:00.0: [drm] *ERROR* GT0: GuC mmio request 0x4100: no reply 0x4100

but that's better than a NULL ptr deref.

(cherry picked from commit 5001ef3af8f2c972d6fd9c5221a8457556f8bea6)

Vulnerable products and versions

CPE                                                  From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*         6.11 (including)   6.12.10 (excluding)
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*
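
A triage helper for this advisory, added here as an example (it is not part of the advisory or of the kernel source): it checks an upstream-style kernel release string against the ranges in the table above and scans kernel log text for the wedge message followed by the oops in xe_gt_tlb_invalidation_reset. The function names and the sample log (assembled from the messages quoted in the description) are constructed for illustration.

```python
import re

# Parses upstream-style release strings such as "6.12.9" or "6.13.0-rc4-xe+".
RELEASE_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-rc(\d+))?")
WEDGED_RE = re.compile(r"CRITICAL: Xe has declared device (\S+) as wedged")
OOPS_RE = re.compile(r"BUG: kernel NULL pointer dereference")
RIP_RE = re.compile(r"RIP: \d+:xe_gt_tlb_invalidation_reset\+")

def is_affected(release: str) -> bool:
    """True if the release falls in the advisory's CPE ranges:
    6.11 (including) up to 6.12.10 (excluding), or 6.13-rc1 .. 6.13-rc6."""
    m = RELEASE_RE.match(release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch, rc = (int(g) if g else None for g in m.groups())
    patch = patch or 0
    if (major, minor, patch) == (6, 13, 0) and rc is not None:
        return 1 <= rc <= 6
    # A release candidate sorts before the final release of the same version.
    key = (major, minor, patch, 0 if rc is not None else 1)
    return (6, 11, 0, 1) <= key < (6, 12, 10, 1)

def find_crash_signature(log_text: str):
    """Return the PCI address of a device whose wedge was followed by the
    NULL dereference in xe_gt_tlb_invalidation_reset, else None."""
    device, saw_oops = None, False
    for line in log_text.splitlines():
        m = WEDGED_RE.search(line)
        if m:
            device, saw_oops = m.group(1), False
        elif device and OOPS_RE.search(line):
            saw_oops = True
        elif device and saw_oops and RIP_RE.search(line):
            return device
    return None

# Constructed sample: the key lines quoted in the advisory description.
SAMPLE_LOG = """\
xe 0000:03:00.0: [drm] *ERROR* GT0: firmware signature verification failed
xe 0000:03:00.0: [drm] *ERROR* CRITICAL: Xe has declared device 0000:03:00.0 as wedged.
BUG: kernel NULL pointer dereference, address: 0000000000000000
Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
RIP: 0010:xe_gt_tlb_invalidation_reset+0x75/0x110 [xe]
"""

if __name__ == "__main__":
    print(is_affected("6.13.0-rc4-xe+"), find_crash_signature(SAMPLE_LOG))
```

Distribution kernels often backport fixes without changing the upstream version number, so treat the version check as a first filter and confirm against the vendor's changelog.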