CVE-2025-71119

{"id": "CVE-2025-71119", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "affected": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "affectedData": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "482fa21635c8832db022cd2d649db26b8e6170ac", "lessThan": "7cccd82a0e4aad192fd74fc60e61ed9aed5857a3", "versionType": "git"}, {"status": "affected", "version": "38253464bc821d6de6bba81bb1412ebb36f6cbd1", "lessThan": "d790ef0c4819424ee0c2f448c0a8154c5ca369d1", "versionType": "git"}, {"status": "affected", "version": "38253464bc821d6de6bba81bb1412ebb36f6cbd1", "lessThan": "f0c0a681ffb77b8c5290c88c02d968199663939b", "versionType": "git"}, {"status": "affected", "version": "38253464bc821d6de6bba81bb1412ebb36f6cbd1", "lessThan": "0d5c9e901ad40bd39b38e119c0454b52d7663930", "versionType": "git"}, {"status": "affected", "version": "38253464bc821d6de6bba81bb1412ebb36f6cbd1", "lessThan": "c2296a1e42418556efbeb5636c4fa6aa6106713a", "versionType": "git"}, {"status": "affected", "version": "15141adf85b14a7cff7abba1cb983f0bf17e3b36", "versionType": "git"}, {"status": "affected", "version": "6.1.72", "lessThan": "6.1.160", "versionType": "semver"}, {"status": "affected", "version": "6.5.12", "lessThan": "6.6", "versionType": "semver"}], "programFiles": ["arch/powerpc/kexec/core_64.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.6"}, {"status": "unaffected", "version": "0", "lessThan": "6.6", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.160", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.120", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.12.64", "versionType": "semver", "lessThanOrEqual": "6.12.*"}, {"status": "unaffected", "version": "6.18.3", "versionType": "semver", "lessThanOrEqual": "6.18.*"}, {"status": "unaffected", "version": "6.19", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["arch/powerpc/kexec/core_64.c"], "defaultStatus": "affected"}]}], "published": "2026-01-14T15:16:01.583", "references": [{"url": "https://git.kernel.org/stable/c/0d5c9e901ad40bd39b38e119c0454b52d7663930", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7cccd82a0e4aad192fd74fc60e61ed9aed5857a3", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c2296a1e42418556efbeb5636c4fa6aa6106713a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d790ef0c4819424ee0c2f448c0a8154c5ca369d1", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f0c0a681ffb77b8c5290c88c02d968199663939b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/kexec: Enable SMT before waking offline CPUs\n\nIf SMT is disabled or a partial SMT state is enabled, when a new kernel\nimage is loaded for kexec, on reboot the following warning is observed:\n\nkexec: Waking offline cpu 228.\nWARNING: CPU: 0 PID: 9062 at arch/powerpc/kexec/core_64.c:223 kexec_prepare_cpus+0x1b0/0x1bc\n[snip]\n NIP kexec_prepare_cpus+0x1b0/0x1bc\n LR kexec_prepare_cpus+0x1a0/0x1bc\n Call Trace:\n kexec_prepare_cpus+0x1a0/0x1bc (unreliable)\n default_machine_kexec+0x160/0x19c\n machine_kexec+0x80/0x88\n kernel_kexec+0xd0/0x118\n __do_sys_reboot+0x210/0x2c4\n system_call_exception+0x124/0x320\n system_call_vectored_common+0x15c/0x2ec\n\nThis occurs as add_cpu() fails due to cpu_bootable() returning false for\nCPUs that fail the cpu_smt_thread_allowed() check or non primary\nthreads if SMT is disabled.\n\nFix the issue by enabling SMT and resetting the number of SMT threads to\nthe number of threads per core, before attempting to wake up all present\nCPUs."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\npowerpc/kexec: Habilitar SMT antes de activar las CPU sin conexi\u00f3n\n\nSi SMT est\u00e1 deshabilitado o un estado SMT parcial est\u00e1 habilitado, cuando una nueva imagen de kernel se carga para kexec, al reiniciar se observa la siguiente advertencia:\n\nkexec: Activando cpu 228 sin conexi\u00f3n.\nADVERTENCIA: CPU: 0 PID: 9062 en arch/powerpc/kexec/core_64.c:223 kexec_prepare_cpus+0x1b0/0x1bc\n[snip]\n NIP kexec_prepare_cpus+0x1b0/0x1bc\n LR kexec_prepare_cpus+0x1a0/0x1bc\n Traza de llamada:\n kexec_prepare_cpus+0x1a0/0x1bc (no fiable)\n default_machine_kexec+0x160/0x19c\n machine_kexec+0x80/0x88\n kernel_kexec+0xd0/0x118\n __do_sys_reboot+0x210/0x2c4\n system_call_exception+0x124/0x320\n system_call_vectored_common+0x15c/0x2ec\n\nEsto ocurre porque add_cpu() falla debido a que cpu_bootable() devuelve falso para las CPU que fallan la verificaci\u00f3n cpu_smt_thread_allowed() o hilos no primarios si SMT est\u00e1 deshabilitado.\n\nSoluciona el problema habilitando SMT y restableciendo el n\u00famero de hilos SMT al n\u00famero de hilos por n\u00facleo, antes de intentar activar todas las CPU presentes."}], "lastModified": "2026-06-17T10:03:42.123", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A16C0F70-6082-4AEE-BDEF-76E8CA8FB720", "versionEndExcluding": "6.1.160", "versionStartIncluding": "6.1.72"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFD63F94-BD00-4EF2-9873-45E8DED18B9A", "versionEndExcluding": "6.6", "versionStartIncluding": "6.5.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5F84D90-D922-47D3-B042-99569840DD8F", "versionEndExcluding": "6.6.120", "versionStartIncluding": "6.6.1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32BF4A52-377C-44ED-B5E6-7EA5D896E98B", "versionEndExcluding": "6.12.64", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DC484D8-FB4F-4112-900F-AE333B6FE7A7", "versionEndExcluding": "6.18.3", "versionStartIncluding": "6.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E346B162-D566-4E62-ABDE-ECBFB21B8BFD"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB5B7DFC-C36B-45D8-922C-877569FDDF43"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}