CVE-2025-21663: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SID) to be written to the MGBE_WRAP_AXI_ASID0_CTRL register. The current driver is hard coded to use MGBE0's SID for all controllers. This causes softirq time outs and kernel panics when using controllers other than MGBE0. Example dmesg errors when an ethernet cable is connected to MGBE1: [ 116.133290] tegra-mgbe 6910000.ethernet eth1: Link is Up - 1Gbps/Full - flow control rx/tx [ 121.851283] tegra-mgbe 6910000.ethernet eth1: NETDEV WATCHDOG: CPU: 5: transmit queue 0 timed out 5690 ms [ 121.851782] tegra-mgbe 6910000.ethernet eth1: Reset adapter. [ 121.892464] tegra-mgbe 6910000.ethernet eth1: Register MEM_TYPE_PAGE_POOL RxQ-0 [ 121.905920] tegra-mgbe 6910000.ethernet eth1: PHY [stmmac-1:00] driver [Aquantia AQR113] (irq=171) [ 121.907356] tegra-mgbe 6910000.ethernet eth1: Enabling Safety Features [ 121.907578] tegra-mgbe 6910000.ethernet eth1: IEEE 1588-2008 Advanced Timestamp supported [ 121.908399] tegra-mgbe 6910000.ethernet eth1: registered PTP clock [ 121.908582] tegra-mgbe 6910000.ethernet eth1: configuring for phy/10gbase-r link mode [ 125.961292] tegra-mgbe 6910000.ethernet eth1: Link is Up - 1Gbps/Full - flow control rx/tx [ 181.921198] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 181.921404] rcu: 7-....: (1 GPs behind) idle=540c/1/0x4000000000000002 softirq=1748/1749 fqs=2337 [ 181.921684] rcu: (detected by 4, t=6002 jiffies, g=1357, q=1254 ncpus=8) [ 181.921878] Sending NMI from CPU 4 to CPUs 7: [ 181.921886] NMI backtrace for cpu 7 [ 181.922131] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Kdump: loaded Not tainted 6.13.0-rc3+ #6 [ 181.922390] Hardware name: NVIDIA CTI Forge + Orin AGX/Jetson, BIOS 202402.1-Unknown 10/28/2024 [ 181.922658] pstate: 40400009 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 181.922847] pc : handle_softirqs+0x98/0x368 [ 181.922978] lr : __do_softirq+0x18/0x20 [ 181.923095] sp : ffff80008003bf50 [ 181.923189] x29: ffff80008003bf50 x28: 0000000000000008 x27: 0000000000000000 [ 181.923379] x26: ffffce78ea277000 x25: 0000000000000000 x24: 0000001c61befda0 [ 181.924486] x23: 0000000060400009 x22: ffffce78e99918bc x21: ffff80008018bd70 [ 181.925568] x20: ffffce78e8bb00d8 x19: ffff80008018bc20 x18: 0000000000000000 [ 181.926655] x17: ffff318ebe7d3000 x16: ffff800080038000 x15: 0000000000000000 [ 181.931455] x14: ffff000080816680 x13: ffff318ebe7d3000 x12: 000000003464d91d [ 181.938628] x11: 0000000000000040 x10: ffff000080165a70 x9 : ffffce78e8bb0160 [ 181.945804] x8 : ffff8000827b3160 x7 : f9157b241586f343 x6 : eeb6502a01c81c74 [ 181.953068] x5 : a4acfcdd2e8096bb x4 : ffffce78ea277340 x3 : 00000000ffffd1e1 [ 181.960329] x2 : 0000000000000101 x1 : ffffce78ea277340 x0 : ffff318ebe7d3000 [ 181.967591] Call trace: [ 181.970043] handle_softirqs+0x98/0x368 (P) [ 181.974240] __do_softirq+0x18/0x20 [ 181.977743] ____do_softirq+0x14/0x28 [ 181.981415] call_on_irq_stack+0x24/0x30 [ 181.985180] do_softirq_own_stack+0x20/0x30 [ 181.989379] __irq_exit_rcu+0x114/0x140 [ 181.993142] irq_exit_rcu+0x14/0x28 [ 181.996816] el1_interrupt+0x44/0xb8 [ 182.000316] el1h_64_irq_handler+0x14/0x20 [ 182.004343] el1h_64_irq+0x80/0x88 [ 182.007755] cpuidle_enter_state+0xc4/0x4a8 (P) [ 182.012305] cpuidle_enter+0x3c/0x58 [ 182.015980] cpuidle_idle_call+0x128/0x1c0 [ 182.020005] do_idle+0xe0/0xf0 [ 182.023155] cpu_startup_entry+0x3c/0x48 [ 182.026917] secondary_start_kernel+0xdc/0x120 [ 182.031379] __secondary_switched+0x74/0x78 [ 212.971162] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 7-.... } 6103 jiffies s: 417 root: 0x80/. [ 212.985935] rcu: blocking rcu_node structures (internal RCU debug): [ 212.992758] Sending NMI from CPU 0 to CPUs 7: [ 212.998539] NMI backtrace for cpu 7 [ 213.004304] CPU: 7 UID: 0 PI ---truncated---
AI Analysis
Technical Summary
CVE-2025-21663 is a vulnerability in the Linux kernel's network driver subsystem, specifically affecting the stmmac driver for Nvidia Tegra MGBE Ethernet controllers. The issue arises because the driver is hardcoded to use the Stream ID (SID) of the MGBE0 controller for all Ethernet controllers, rather than reading the correct SID from the device tree for each controller. Nvidia's Tegra MGBE controllers require the IOMMU Stream ID to be written to the MGBE_WRAP_AXI_ASID0_CTRL register to function correctly. When the driver uses the incorrect SID for controllers other than MGBE0, it causes softirq timeouts and kernel panics. This manifests as network interface resets, transmit queue timeouts, and ultimately system instability or crashes. The vulnerability affects systems running Linux kernel versions that include this flawed driver implementation, particularly on Nvidia Tegra platforms such as the Orin AGX/Jetson family. The provided kernel logs demonstrate the problem occurring when an Ethernet cable is connected to the MGBE1 interface, leading to repeated resets and RCU (Read-Copy-Update) stalls, which indicate severe kernel-level performance degradation and potential deadlocks. Although no known exploits are currently reported in the wild, the vulnerability can cause denial of service (DoS) conditions due to kernel panics and network outages. The root cause is a driver logic flaw rather than a memory corruption or privilege escalation issue, limiting the scope to availability impacts. The vulnerability requires the affected hardware (Nvidia Tegra MGBE controllers) and the vulnerable Linux kernel driver, but no user interaction or authentication is needed to trigger the issue once the device is connected and active. No CVSS score has been assigned yet, but the technical details and logs confirm a serious stability problem that can disrupt network connectivity and system operation.
Potential Impact
For European organizations using Nvidia Tegra-based embedded systems or edge devices running Linux kernels with the vulnerable stmmac driver, this vulnerability can cause significant operational disruptions. Industries relying on embedded Linux platforms for industrial automation, automotive systems, telecommunications infrastructure, or IoT deployments may experience network interface failures and kernel panics, leading to device reboots or downtime. This can impact critical services, especially in sectors like manufacturing, smart city infrastructure, and transportation where Nvidia Tegra platforms are deployed. The denial of service caused by kernel panics can interrupt data flows, degrade system reliability, and increase maintenance costs. Since the vulnerability affects network controller drivers, it may also complicate remote management and monitoring of affected devices. Although the vulnerability does not directly expose confidentiality or integrity risks, the availability impact can indirectly affect business continuity and safety-critical operations. European organizations with supply chains or products incorporating Nvidia Tegra Linux-based devices should assess their exposure and prioritize patching to prevent potential disruptions.
Mitigation Recommendations
To mitigate CVE-2025-21663, organizations should: 1) Apply the latest Linux kernel updates that include the patched stmmac driver fixing the SID handling for Nvidia Tegra MGBE controllers. Monitor Linux kernel mailing lists and vendor advisories for the official patch release. 2) For embedded systems where kernel updates are challenging, consider vendor firmware updates or kernel backports that address this issue. 3) Validate device tree configurations to ensure correct SID values are specified for each MGBE controller to avoid fallback on hardcoded defaults. 4) Implement monitoring for kernel softirq timeouts and network interface resets to detect early signs of this issue in production environments. 5) Where possible, isolate affected devices from critical network segments until patched to reduce impact of potential outages. 6) Engage with Nvidia and Linux distribution vendors for guidance on secure kernel versions and recommended configurations. 7) Test patches in staging environments to confirm resolution and stability before wide deployment. These steps go beyond generic advice by focusing on device tree validation, monitoring for specific kernel softirq stalls, and vendor collaboration for embedded platform support.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Sweden, Finland
CVE-2025-21663: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SID) to be written to the MGBE_WRAP_AXI_ASID0_CTRL register. The current driver is hard coded to use MGBE0's SID for all controllers. This causes softirq time outs and kernel panics when using controllers other than MGBE0. Example dmesg errors when an ethernet cable is connected to MGBE1: [ 116.133290] tegra-mgbe 6910000.ethernet eth1: Link is Up - 1Gbps/Full - flow control rx/tx [ 121.851283] tegra-mgbe 6910000.ethernet eth1: NETDEV WATCHDOG: CPU: 5: transmit queue 0 timed out 5690 ms [ 121.851782] tegra-mgbe 6910000.ethernet eth1: Reset adapter. [ 121.892464] tegra-mgbe 6910000.ethernet eth1: Register MEM_TYPE_PAGE_POOL RxQ-0 [ 121.905920] tegra-mgbe 6910000.ethernet eth1: PHY [stmmac-1:00] driver [Aquantia AQR113] (irq=171) [ 121.907356] tegra-mgbe 6910000.ethernet eth1: Enabling Safety Features [ 121.907578] tegra-mgbe 6910000.ethernet eth1: IEEE 1588-2008 Advanced Timestamp supported [ 121.908399] tegra-mgbe 6910000.ethernet eth1: registered PTP clock [ 121.908582] tegra-mgbe 6910000.ethernet eth1: configuring for phy/10gbase-r link mode [ 125.961292] tegra-mgbe 6910000.ethernet eth1: Link is Up - 1Gbps/Full - flow control rx/tx [ 181.921198] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 181.921404] rcu: 7-....: (1 GPs behind) idle=540c/1/0x4000000000000002 softirq=1748/1749 fqs=2337 [ 181.921684] rcu: (detected by 4, t=6002 jiffies, g=1357, q=1254 ncpus=8) [ 181.921878] Sending NMI from CPU 4 to CPUs 7: [ 181.921886] NMI backtrace for cpu 7 [ 181.922131] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Kdump: loaded Not tainted 6.13.0-rc3+ #6 [ 181.922390] Hardware name: NVIDIA CTI Forge + Orin AGX/Jetson, BIOS 202402.1-Unknown 10/28/2024 [ 181.922658] pstate: 40400009 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 181.922847] pc : handle_softirqs+0x98/0x368 [ 181.922978] lr : __do_softirq+0x18/0x20 [ 181.923095] sp : ffff80008003bf50 [ 181.923189] x29: ffff80008003bf50 x28: 0000000000000008 x27: 0000000000000000 [ 181.923379] x26: ffffce78ea277000 x25: 0000000000000000 x24: 0000001c61befda0 [ 181.924486] x23: 0000000060400009 x22: ffffce78e99918bc x21: ffff80008018bd70 [ 181.925568] x20: ffffce78e8bb00d8 x19: ffff80008018bc20 x18: 0000000000000000 [ 181.926655] x17: ffff318ebe7d3000 x16: ffff800080038000 x15: 0000000000000000 [ 181.931455] x14: ffff000080816680 x13: ffff318ebe7d3000 x12: 000000003464d91d [ 181.938628] x11: 0000000000000040 x10: ffff000080165a70 x9 : ffffce78e8bb0160 [ 181.945804] x8 : ffff8000827b3160 x7 : f9157b241586f343 x6 : eeb6502a01c81c74 [ 181.953068] x5 : a4acfcdd2e8096bb x4 : ffffce78ea277340 x3 : 00000000ffffd1e1 [ 181.960329] x2 : 0000000000000101 x1 : ffffce78ea277340 x0 : ffff318ebe7d3000 [ 181.967591] Call trace: [ 181.970043] handle_softirqs+0x98/0x368 (P) [ 181.974240] __do_softirq+0x18/0x20 [ 181.977743] ____do_softirq+0x14/0x28 [ 181.981415] call_on_irq_stack+0x24/0x30 [ 181.985180] do_softirq_own_stack+0x20/0x30 [ 181.989379] __irq_exit_rcu+0x114/0x140 [ 181.993142] irq_exit_rcu+0x14/0x28 [ 181.996816] el1_interrupt+0x44/0xb8 [ 182.000316] el1h_64_irq_handler+0x14/0x20 [ 182.004343] el1h_64_irq+0x80/0x88 [ 182.007755] cpuidle_enter_state+0xc4/0x4a8 (P) [ 182.012305] cpuidle_enter+0x3c/0x58 [ 182.015980] cpuidle_idle_call+0x128/0x1c0 [ 182.020005] do_idle+0xe0/0xf0 [ 182.023155] cpu_startup_entry+0x3c/0x48 [ 182.026917] secondary_start_kernel+0xdc/0x120 [ 182.031379] __secondary_switched+0x74/0x78 [ 212.971162] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 7-.... } 6103 jiffies s: 417 root: 0x80/. [ 212.985935] rcu: blocking rcu_node structures (internal RCU debug): [ 212.992758] Sending NMI from CPU 0 to CPUs 7: [ 212.998539] NMI backtrace for cpu 7 [ 213.004304] CPU: 7 UID: 0 PI ---truncated---
AI-Powered Analysis
Technical Analysis
CVE-2025-21663 is a vulnerability in the Linux kernel's network driver subsystem, specifically affecting the stmmac driver for Nvidia Tegra MGBE Ethernet controllers. The issue arises because the driver is hardcoded to use the Stream ID (SID) of the MGBE0 controller for all Ethernet controllers, rather than reading the correct SID from the device tree for each controller. Nvidia's Tegra MGBE controllers require the IOMMU Stream ID to be written to the MGBE_WRAP_AXI_ASID0_CTRL register to function correctly. When the driver uses the incorrect SID for controllers other than MGBE0, it causes softirq timeouts and kernel panics. This manifests as network interface resets, transmit queue timeouts, and ultimately system instability or crashes. The vulnerability affects systems running Linux kernel versions that include this flawed driver implementation, particularly on Nvidia Tegra platforms such as the Orin AGX/Jetson family. The provided kernel logs demonstrate the problem occurring when an Ethernet cable is connected to the MGBE1 interface, leading to repeated resets and RCU (Read-Copy-Update) stalls, which indicate severe kernel-level performance degradation and potential deadlocks. Although no known exploits are currently reported in the wild, the vulnerability can cause denial of service (DoS) conditions due to kernel panics and network outages. The root cause is a driver logic flaw rather than a memory corruption or privilege escalation issue, limiting the scope to availability impacts. The vulnerability requires the affected hardware (Nvidia Tegra MGBE controllers) and the vulnerable Linux kernel driver, but no user interaction or authentication is needed to trigger the issue once the device is connected and active. No CVSS score has been assigned yet, but the technical details and logs confirm a serious stability problem that can disrupt network connectivity and system operation.
Potential Impact
For European organizations using Nvidia Tegra-based embedded systems or edge devices running Linux kernels with the vulnerable stmmac driver, this vulnerability can cause significant operational disruptions. Industries relying on embedded Linux platforms for industrial automation, automotive systems, telecommunications infrastructure, or IoT deployments may experience network interface failures and kernel panics, leading to device reboots or downtime. This can impact critical services, especially in sectors like manufacturing, smart city infrastructure, and transportation where Nvidia Tegra platforms are deployed. The denial of service caused by kernel panics can interrupt data flows, degrade system reliability, and increase maintenance costs. Since the vulnerability affects network controller drivers, it may also complicate remote management and monitoring of affected devices. Although the vulnerability does not directly expose confidentiality or integrity risks, the availability impact can indirectly affect business continuity and safety-critical operations. European organizations with supply chains or products incorporating Nvidia Tegra Linux-based devices should assess their exposure and prioritize patching to prevent potential disruptions.
Mitigation Recommendations
To mitigate CVE-2025-21663, organizations should: 1) Apply the latest Linux kernel updates that include the patched stmmac driver fixing the SID handling for Nvidia Tegra MGBE controllers. Monitor Linux kernel mailing lists and vendor advisories for the official patch release. 2) For embedded systems where kernel updates are challenging, consider vendor firmware updates or kernel backports that address this issue. 3) Validate device tree configurations to ensure correct SID values are specified for each MGBE controller to avoid fallback on hardcoded defaults. 4) Implement monitoring for kernel softirq timeouts and network interface resets to detect early signs of this issue in production environments. 5) Where possible, isolate affected devices from critical network segments until patched to reduce impact of potential outages. 6) Engage with Nvidia and Linux distribution vendors for guidance on secure kernel versions and recommended configurations. 7) Test patches in staging environments to confirm resolution and stability before wide deployment. These steps go beyond generic advice by focusing on device tree validation, monitoring for specific kernel softirq stalls, and vendor collaboration for embedded platform support.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-12-29T08:45:45.732Z
- Cisa Enriched
- false
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9834c4522896dcbe9774
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/30/2025, 4:43:20 PM
Last updated: 8/18/2025, 11:28:11 PM
Views: 15
Related Threats
CVE-2025-55581: n/a
UnknownCVE-2025-52085: n/a
UnknownCVE-2025-43760: CWE-79: Cross-site Scripting in Liferay Portal
MediumCVE-2025-55613: n/a
HighCVE-2025-57800: CWE-523: Unprotected Transport of Credentials in advplyr audiobookshelf
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.