Acknowledged
Created: Jul 11, 2025
Updated: Jul 14, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330[EOL][EOL]The controller has a hardware bug that can hard hang the system when[EOL]doing ATAPI DMAs without any trace of what happened. Depending on the[EOL]device attached, it can also prevent the system from booting.[EOL][EOL]In this case, the system hangs when reading the ATIP from optical media[EOL]with cdrecord -vvv -atip on an _NEC DVD_RW ND-4571A 1-01 and an[EOL]Optiarc DVD RW AD-7200A 1.06 attached to an ASRock 990FX Extreme 4,[EOL]running at UDMA/33.[EOL][EOL]The issue can be reproduced by running the same command with a cygwin[EOL]build of cdrecord on WinXP, although it requires more attempts to cause[EOL]it. The hang in that case is also resolved by forcing PIO. It doesn't[EOL]appear that VIA has produced any drivers for that OS, thus no known[EOL]workaround exists.[EOL][EOL]HDDs attached to the controller do not suffer from any DMA issues.
CREATE(Triage):(User=admin) [CVE-2025-38336 (https://nvd.nist.gov/vuln/detail/CVE-2025-38336)
