CVE-2025-22033

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> arm64: Don&amp;#39;t call NULL in do_compat_alignment_fixup()<br /> <br /> do_alignment_t32_to_handler() only fixes up alignment faults for<br /> specific instructions; it returns NULL otherwise (e.g. LDREX). When<br /> that&amp;#39;s the case, signal to the caller that it needs to proceed with the<br /> regular alignment fault handling (i.e. SIGBUS). Without this patch, the<br /> kernel panics:<br /> <br /> Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000<br /> Mem abort info:<br /> ESR = 0x0000000086000006<br /> EC = 0x21: IABT (current EL), IL = 32 bits<br /> SET = 0, FnV = 0<br /> EA = 0, S1PTW = 0<br /> FSC = 0x06: level 2 translation fault<br /> user pgtable: 4k pages, 48-bit VAs, pgdp=00000800164aa000<br /> [0000000000000000] pgd=0800081fdbd22003, p4d=0800081fdbd22003, pud=08000815d51c6003, pmd=0000000000000000<br /> Internal error: Oops: 0000000086000006 [#1] SMP<br /> Modules linked in: cfg80211 rfkill xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat br_netfilter veth nvme_fa&gt;<br /> libcrc32c crc32c_generic raid0 multipath linear dm_mod dax raid1 md_mod xhci_pci nvme xhci_hcd nvme_core t10_pi usbcore igb crc64_rocksoft crc64 crc_t10dif crct10dif_generic crct10dif_ce crct10dif_common usb_common i2c_algo_bit i2c&gt;<br /> CPU: 2 PID: 3932954 Comm: WPEWebProcess Not tainted 6.1.0-31-arm64 #1 Debian 6.1.128-1<br /> Hardware name: GIGABYTE MP32-AR1-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021<br /> pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)<br /> pc : 0x0<br /> lr : do_compat_alignment_fixup+0xd8/0x3dc<br /> sp : ffff80000f973dd0<br /> x29: ffff80000f973dd0 x28: ffff081b42526180 x27: 0000000000000000<br /> x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000<br /> x23: 0000000000000004 x22: 0000000000000000 x21: 0000000000000001<br /> x20: 00000000e8551f00 x19: ffff80000f973eb0 x18: 0000000000000000<br /> x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000<br /> x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000<br /> x11: 0000000000000000 x10: 0000000000000000 x9 : ffffaebc949bc488<br /> x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000<br /> x5 : 0000000000400000 x4 : 0000fffffffffffe x3 : 0000000000000000<br /> x2 : ffff80000f973eb0 x1 : 00000000e8551f00 x0 : 0000000000000001<br /> Call trace:<br /> 0x0<br /> do_alignment_fault+0x40/0x50<br /> do_mem_abort+0x4c/0xa0<br /> el0_da+0x48/0xf0<br /> el0t_32_sync_handler+0x110/0x140<br /> el0t_32_sync+0x190/0x194<br /> Code: bad PC value<br /> ---[ end trace 0000000000000000 ]---