Wind River Support Network

Description

In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]EDAC/skx_common: Fix general protection fault[EOL][EOL]After loading i10nm_edac (which automatically loads skx_edac_common), if[EOL]unload only i10nm_edac, then reload it and perform error injection testing,[EOL]a general protection fault may occur:[EOL][EOL]  mce: [Hardware Error]: Machine check events logged[EOL]  Oops: general protection fault ...[EOL]  ...[EOL]  Workqueue: events mce_gen_pool_process[EOL]  RIP: 0010:string+0x53/0xe0[EOL]  ...[EOL]  Call Trace:[EOL]  <TASK>[EOL]  ? die_addr+0x37/0x90[EOL]  ? exc_general_protection+0x1e7/0x3f0[EOL]  ? asm_exc_general_protection+0x26/0x30[EOL]  ? string+0x53/0xe0[EOL]  vsnprintf+0x23e/0x4c0[EOL]  snprintf+0x4d/0x70[EOL]  skx_adxl_decode+0x16a/0x330 [skx_edac_common][EOL]  skx_mce_check_error.part.0+0xf8/0x220 [skx_edac_common][EOL]  skx_mce_check_error+0x17/0x20 [skx_edac_common][EOL]  ...[EOL][EOL]The issue arose was because the variable 'adxl_component_count' (inside[EOL]skx_edac_common), which counts the ADXL components, was not reset. During[EOL]the reloading of i10nm_edac, the count was incremented by the actual number[EOL]of ADXL components again, resulting in a count that was double the real[EOL]number of ADXL components. This led to an out-of-bounds reference to the[EOL]ADXL component array, causing the general protection fault above.[EOL][EOL]Fix this issue by resetting the 'adxl_component_count' in adxl_put(),[EOL]which is called during the unloading of {skx,i10nm}_edac.

CREATE(Triage):(User=admin) [CVE-2025-38298 (https://nvd.nist.gov/vuln/detail/CVE-2025-38298)