
He Ying

Researcher from Huawei
#44975 of 53,633
5.5 Total CVSS
Vulnerabilities · 1
PT-2021-8271
5.5
2021-04-23
Linux · Linux Kernel · CVE-2021-46961
**Name of the Vulnerable Software and Affected Versions**

Linux kernel versions 4.19.95.aarch64 and earlier

**Description**

The vulnerability is related to the handling of spurious interrupts in the Linux kernel. When a spurious interrupt occurs, the kernel should not enable interrupts, but in this case, it does, leading to a nested NMI situation. This can cause a kernel panic and potentially allow an attacker to crash the system. The issue is caused by a `BUG_ON(in_nmi())` in `nmi_enter()`. Moving the handling of spurious interrupts as early as possible in the GICv3 handler fixes this issue.

**Recommendations**

To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, for Linux kernel version 4.19.95.aarch64, update to a newer version that includes the patch for "irqchip/gic-v3: Do not enable irqs when handling spurious interrupts". As a temporary workaround, consider disabling the `nmi_enter()` function until a patch is available. However, this is not a recommended long-term solution, as it may have unintended consequences on system stability and performance.