CVE-2021-47025: Vulnerability in Linux Linux

Medium
Published: Wed Feb 28 2024 (02/28/2024, 08:13:37 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

iommu/mediatek: Always enable the clk on resume

In mtk_iommu_runtime_resume always enable the clk, even if m4u_dom is null. Otherwise the 'suspend' cb might disable the clk which is already disabled causing the warning:

    [ 1.586104] infra_m4u already disabled
    [ 1.586133] WARNING: CPU: 0 PID: 121 at drivers/clk/clk.c:952 clk_core_disable+0xb0/0xb8
    [ 1.594391] mtk-iommu 10205000.iommu: bound 18001000.larb (ops mtk_smi_larb_component_ops)
    [ 1.598108] Modules linked in:
    [ 1.598114] CPU: 0 PID: 121 Comm: kworker/0:2 Not tainted 5.12.0-rc5 #69
    [ 1.609246] mtk-iommu 10205000.iommu: bound 14027000.larb (ops mtk_smi_larb_component_ops)
    [ 1.617487] Hardware name: Google Elm (DT)
    [ 1.617491] Workqueue: pm pm_runtime_work
    [ 1.620545] mtk-iommu 10205000.iommu: bound 19001000.larb (ops mtk_smi_larb_component_ops)
    [ 1.627229] pstate: 60000085 (nZCv daIf -PAN -UAO -TCO BTYPE=--)
    [ 1.659297] pc : clk_core_disable+0xb0/0xb8
    [ 1.663475] lr : clk_core_disable+0xb0/0xb8
    [ 1.667652] sp : ffff800011b9bbe0
    [ 1.670959] x29: ffff800011b9bbe0 x28: 0000000000000000
    [ 1.676267] x27: ffff800011448000 x26: ffff8000100cfd98
    [ 1.681574] x25: ffff800011b9bd48 x24: 0000000000000000
    [ 1.686882] x23: 0000000000000000 x22: ffff8000106fad90
    [ 1.692189] x21: 000000000000000a x20: ffff0000c0048500
    [ 1.697496] x19: ffff0000c0048500 x18: ffffffffffffffff
    [ 1.702804] x17: 0000000000000000 x16: 0000000000000000
    [ 1.708112] x15: ffff800011460300 x14: fffffffffffe0000
    [ 1.713420] x13: ffff8000114602d8 x12: 0720072007200720
    [ 1.718727] x11: 0720072007200720 x10: 0720072007200720
    [ 1.724035] x9 : ffff800011b9bbe0 x8 : ffff800011b9bbe0
    [ 1.729342] x7 : 0000000000000009 x6 : ffff8000114b8328
    [ 1.734649] x5 : 0000000000000000 x4 : 0000000000000000
    [ 1.739956] x3 : 00000000ffffffff x2 : ffff800011460298
    [ 1.745263] x1 : 1af1d7de276f4500 x0 : 0000000000000000
    [ 1.750572] Call trace:
    [ 1.753010] clk_core_disable+0xb0/0xb8
    [ 1.756840] clk_core_disable_lock+0x24/0x40
    [ 1.761105] clk_disable+0x20/0x30
    [ 1.764501] mtk_iommu_runtime_suspend+0x88/0xa8
    [ 1.769114] pm_generic_runtime_suspend+0x2c/0x48
    [ 1.773815] __rpm_callback+0xe0/0x178
    [ 1.777559] rpm_callback+0x24/0x88
    [ 1.781041] rpm_suspend+0xdc/0x470
    [ 1.784523] rpm_idle+0x12c/0x170
    [ 1.787831] pm_runtime_work+0xa8/0xc0
    [ 1.791573] process_one_work+0x1e8/0x360
    [ 1.795580] worker_thread+0x44/0x478
    [ 1.799237] kthread+0x150/0x158
    [ 1.802460] ret_from_fork+0x10/0x30
    [ 1.806034] ---[ end trace 82402920ef64573b ]---
    [ 1.810728] ------------[ cut here ]------------

In addition, we now don't need to enable the clock from the function mtk_iommu_hw_init since it is already enabled by the resume.

AI-Powered Analysis

Last updated: 06/30/2025, 19:27:57 UTC

Technical Analysis

CVE-2021-47025 is a vulnerability in the Linux kernel's MediaTek IOMMU (Input-Output Memory Management Unit) driver. The issue arises from improper handling of clock (clk) enablement during runtime resume in the mtk_iommu_runtime_resume function. Before the fix, the clock was not always enabled on resume: it was left disabled when m4u_dom (the MediaTek Memory Management Unit domain) was null. The suspend callback could then disable a clock that was already disabled, triggering kernel warnings and potentially causing instability or unexpected behavior.

The kernel logs show warnings such as "infra_m4u already disabled" and stack traces pointing to clk_core_disable, which indicate improper clock management. The root cause is that the clock disable function is called without ensuring the clock was previously enabled, leading to a race or state inconsistency. The patch always enables the clock on resume regardless of the m4u_dom state and removes the redundant clock enable call from the hardware initialization function.

While this vulnerability does not directly expose a memory corruption or privilege escalation vector, it can cause kernel warnings and potentially impact system stability or availability, especially on devices using MediaTek SoCs with this driver. The issue is subtle and relates to power management and device runtime suspend/resume sequences in the Linux kernel. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The affected versions are specific Linux kernel commits identified by their hashes, indicating this is a recent or development branch fix. Overall, this vulnerability highlights the importance of correct clock and power management in kernel drivers to avoid system instability.

Potential Impact

For European organizations, the impact of CVE-2021-47025 primarily concerns systems running Linux kernels with MediaTek hardware, particularly embedded devices, IoT devices, or specialized hardware platforms using MediaTek SoCs. The vulnerability can cause kernel warnings and potentially lead to system instability or unexpected reboots during runtime suspend/resume cycles. This may affect availability of critical systems, especially those relying on power management features for energy efficiency or battery-powered operation. While it does not directly lead to privilege escalation or data breaches, the instability could disrupt operations or cause downtime. Organizations deploying Linux-based devices in industrial control, telecommunications, or edge computing environments using MediaTek chipsets may experience degraded reliability. Since MediaTek chips are common in consumer electronics and some embedded systems, the risk is higher for sectors using such devices in their infrastructure. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to potential future exploitation or operational issues. Thus, the impact is moderate but relevant for availability and operational continuity in affected environments.

Mitigation Recommendations

To mitigate CVE-2021-47025, organizations should:

1) Apply the latest Linux kernel patches that include the fix for this vulnerability, ensuring the mtk_iommu_runtime_resume function always enables the clock on resume.
2) Avoid running unpatched kernel versions on devices with MediaTek SoCs, especially those used in production or critical environments.
3) Conduct thorough testing of power management and runtime suspend/resume sequences after patching to confirm system stability.
4) Monitor kernel logs for warnings related to clk_core_disable or infra_m4u to detect potential issues.
5) For embedded or IoT devices where kernel updates are challenging, consider firmware updates or vendor-provided patches that address this issue.
6) Implement robust monitoring and alerting for device availability and kernel errors to quickly identify and respond to instability caused by this vulnerability.
7) Coordinate with hardware vendors to ensure they provide updated and secure kernel versions for MediaTek-based devices.

These steps go beyond generic advice by focusing on power management testing, log monitoring, and vendor coordination specific to this vulnerability.
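The log monitoring in recommendation 4 can be automated. The scanner below is an added example, not part of the original advisory or of the kernel project: it finds clk_core_disable warnings whose call trace passes through mtk_iommu_runtime_suspend and tolerates unrelated lines interleaved in the trace. The sample input is an excerpt of the log quoted in the description; the function name find_clk_imbalance and the regular expressions are assumptions of this example.

```python
import re

# Excerpt of the warning quoted in the description (register dump omitted).
SAMPLE_DMESG = """\
[ 1.586104] infra_m4u already disabled
[ 1.586133] WARNING: CPU: 0 PID: 121 at drivers/clk/clk.c:952 clk_core_disable+0xb0/0xb8
[ 1.594391] mtk-iommu 10205000.iommu: bound 18001000.larb (ops mtk_smi_larb_component_ops)
[ 1.750572] Call trace:
[ 1.753010] clk_core_disable+0xb0/0xb8
[ 1.756840] clk_core_disable_lock+0x24/0x40
[ 1.761105] clk_disable+0x20/0x30
[ 1.764501] mtk_iommu_runtime_suspend+0x88/0xa8
[ 1.769114] pm_generic_runtime_suspend+0x2c/0x48
[ 1.806034] ---[ end trace 82402920ef64573b ]---
"""

LINE = re.compile(r"^\[\s*(\d+\.\d+)\]\s?(.*)$")            # "[ ts] message"
WARN = re.compile(r"^WARNING: CPU: \d+ PID: \d+ at (\S+) (\w+)\+0x")
FRAME = re.compile(r"^([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
DISABLED = re.compile(r"^(\S+) already disabled$")


def find_clk_imbalance(dmesg, suspect="mtk_iommu_runtime_suspend"):
    """Return one dict per clk_core_disable WARNING whose trace holds `suspect`."""
    hits, cur, last_clk = [], None, None
    for raw in dmesg.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts, msg = float(m.group(1)), m.group(2).strip()
        if (d := DISABLED.match(msg)):
            last_clk = d.group(1)  # clock name is printed just before the WARNING
        elif (w := WARN.match(msg)):
            cur = {"time": ts, "clk": last_clk, "at": w.group(1),
                   "func": w.group(2), "frames": []}
        elif cur is not None and (f := FRAME.match(msg)):
            cur["frames"].append(f.group(1))  # "pc :"/"lr :" lines do not match
        elif cur is not None and msg.startswith("---[ end trace"):
            if cur["func"] == "clk_core_disable" and suspect in cur["frames"]:
                hits.append(cur)
            cur, last_clk = None, None
    return hits
```

Feeding it the output of `dmesg` or a collected kernel log returns one record per matching warning, with the clock name, source location and call-trace frames available for alerting.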

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-02-27T18:42:55.960Z
Cisa Enriched: true
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9834c4522896dcbe9aa9

Added to database: 5/21/2025, 9:09:08 AM

Last enriched: 6/30/2025, 7:27:57 PM

Last updated: 8/2/2025, 6:42:50 AM
