CVE-2025-21684

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.73/6.12.10

Description The issue is related to incorrect locking of resources in the Linux kernel, specifically with the gpio lock in the Xilinx GPIO driver. This can lead to a denial of service. The irq chip functions may be called in a raw spinlock context, requiring the use of a raw spinlock for internal locking. The problem is identified by a lockdep splat error message. Technical details include the involvement of xgpio irq unmask and irq enable functions, as well as issues with lock acquisition and spinlock context.

Recommendations To resolve the issue, update the Linux kernel to a version newer than 6.6.73/6.12.10. As a temporary workaround, consider disabling the xgpio irq unmask function until a patch is available. Restrict access to the vulnerable gpio-xilinx module to minimize the risk of exploitation. Avoid using the gpio lock variable in the affected API endpoints until the issue is resolved.