CVE-2025-22033

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A vulnerability in the Linux kernel has been resolved. The issue occurs when the do compat alignment fixup() function calls NULL, leading to a kernel panic. This happens when the do alignment t32 to handler() function returns NULL, which occurs for specific instructions like LDREX. The kernel panic results in a NULL pointer dereference at a virtual address, causing an Internal error: Oops. The estimated number of potentially affected devices is not provided.

Recommendations For Linux kernel versions prior to the fixed version, apply the patch that resolves the issue by modifying the do compat alignment fixup() function to handle NULL returns from do alignment t32 to handler() correctly. As a temporary workaround, consider disabling the do compat alignment fixup() function until a patch is available. However, this workaround may have unintended consequences and should be used with caution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.