CVE Catalog

CVE-2025-39681

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

5th percentile - higher than 5% of all known CVEs

Summary

In the Linux kernel, Hygon processors lacked the resctrl_cpu_detect() call in BSP initialization, causing a division by zero fault during boot. The issue appeared after the function was moved to vendor-specific code.

Risk Assessment

Missing initialization can cause a kernel panic on Hygon machines with CQM support, preventing system boot.

Recommendation

Apply the Linux kernel patch that adds the resctrl_cpu_detect() call in the BSP init helper for Hygon processors.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Since 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") resctrl_cpu_detect() has been moved from common CPU initialization code to the vendor-specific BSP init helper, while Hygon didn't put that call in their code. This triggers a division by zero fault during early booting stage on our machines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries to calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale. Add the missing resctrl_cpu_detect() in the Hygon BSP init helper. [ bp: Massage commit message. ]

Vulnerability data from NVD (NIST) · CISA KEV · EPSS