PT-2025-14283 · Linux+6 · Linux Kernel+6
Published: 2025-02-17 · Updated: 2026-01-20 · CVE-2025-21902
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.12.11-200.fc41.x86_64
Description
A vulnerability in the Linux kernel has been resolved. The issue is related to the ACPI backend of UCSI, where the UCSI "registers" are a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents are synced to the embedded controller and that the registers are synced back to the opregion on notifications. However, there is a need to force a sync from the embedded controller to poll CCI while notifications are disabled. The ucsi core knows when this is the case, and guessing based on the current command can lead to spurious assertion splats. The introduction of a ->poll_cci method that works like ->read_cci with an additional forced sync resolves this issue.
Recommendations
For Linux kernel version 6.12.11-200.fc41.x86_64 and earlier, update to a newer version that includes the fix for this issue.
As a temporary workaround, consider disabling the ucsi_reset_ppm function until a patch is available.
Restrict access to the vulnerable ucsi.c module to minimize the risk of exploitation.
Avoid using the ucsi_init_work function in the affected API endpoint until the issue is resolved.
Assertion Failure
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Ubuntu