CVE-2025-21821: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2 Hardware name: Nokia 770 Call trace: unwind_backtrace from show_stack+0x10/0x14 show_stack from dump_stack_lvl+0x54/0x5c dump_stack_lvl from __schedule_bug+0x50/0x70 __schedule_bug from __schedule+0x4d4/0x5bc __schedule from schedule+0x34/0xa0 schedule from schedule_preempt_disabled+0xc/0x10 schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4 __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4 clk_prepare_lock from clk_set_rate+0x18/0x154 clk_set_rate from sossi_read_data+0x4c/0x168 sossi_read_data from hwa742_read_reg+0x5c/0x8c hwa742_read_reg from send_frame_handler+0xfc/0x300 send_frame_handler from process_pending_requests+0x74/0xd0 process_pending_requests from lcd_dma_irq_handler+0x50/0x74 lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130 __handle_irq_event_percpu from handle_irq_event+0x28/0x68 handle_irq_event from handle_level_irq+0x9c/0x170 handle_level_irq from generic_handle_domain_irq+0x2c/0x3c generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c generic_handle_arch_irq from call_with_stack+0x1c/0x24 call_with_stack from __irq_svc+0x94/0xa8 Exception stack(0xc5255da0 to 0xc5255de8) 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94 5de0: 60000013 ffffffff __irq_svc from clk_prepare_lock+0x4c/0xe4 clk_prepare_lock from clk_get_rate+0x10/0x74 clk_get_rate from uwire_setup_transfer+0x40/0x180 uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664 spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498 __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8 __spi_sync from spi_sync+0x24/0x40 spi_sync from ads7846_halfd_read_state+0x5c/0x1c0 ads7846_halfd_read_state from ads7846_irq+0x58/0x348 ads7846_irq from irq_thread_fn+0x1c/0x78 irq_thread_fn from irq_thread+0x120/0x228 irq_thread from kthread+0xc8/0xe8 kthread from ret_from_fork+0x14/0x28 As a quick fix, switch to a threaded IRQ which provides a stable system.
AI Analysis
Technical Summary
CVE-2025-21821 is a vulnerability identified in the Linux kernel affecting the framebuffer device (fbdev) driver for OMAP platforms, specifically related to the handling of LCD DMA interrupts when using touchscreen and framebuffer functionalities. The issue manifests as a system crash on devices such as the Nokia 770, triggered by a 'BUG: scheduling while atomic' error during interrupt handling. The root cause is related to the use of a non-threaded interrupt request (IRQ) handler for LCD DMA operations, which leads to improper scheduling attempts in atomic context, causing kernel panics and system instability. The technical trace indicates that the problem arises from the irq/144-ads7846 handler, which interacts with the touchscreen controller and framebuffer DMA, ultimately leading to a deadlock or crash due to scheduling calls in atomic context. The recommended fix is to switch from a standard IRQ handler to a threaded IRQ handler for the LCD DMA, which allows the interrupt handling code to sleep safely and avoid scheduling in atomic context, thus stabilizing the system. This vulnerability affects specific Linux kernel versions identified by the commit hash 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and is relevant primarily to embedded devices using OMAP hardware with touchscreen and framebuffer support. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the impact of CVE-2025-21821 is primarily relevant to those deploying embedded Linux systems based on OMAP hardware platforms, such as industrial control systems, specialized handheld devices, or legacy equipment like the Nokia 770. The vulnerability can cause system crashes and instability, leading to denial of service conditions on affected devices. This could disrupt critical operations in sectors relying on embedded Linux devices with touchscreen interfaces, including manufacturing, healthcare, and telecommunications. While the vulnerability does not appear to allow privilege escalation or remote code execution, the resulting instability could impact availability and operational continuity. Organizations using custom or legacy Linux kernels with OMAP support should be particularly vigilant. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental crashes or targeted disruption by attackers with local access or the ability to trigger touchscreen/framebuffer operations.
Mitigation Recommendations
To mitigate CVE-2025-21821, organizations should: 1) Identify all embedded Linux devices using OMAP hardware with touchscreen and framebuffer support, especially those running kernel versions matching the affected commit. 2) Apply the upstream Linux kernel patch that switches the LCD DMA IRQ handler to a threaded IRQ model, which is the recommended fix to prevent scheduling in atomic context. 3) For devices where kernel updates are not feasible, consider disabling touchscreen or framebuffer features if possible to reduce exposure. 4) Implement monitoring for kernel crashes or instability symptoms related to IRQ handling on affected devices. 5) Engage with device vendors or maintainers to obtain updated firmware or kernel versions incorporating the fix. 6) Limit local access to affected devices to reduce the risk of intentional triggering of the vulnerability. These steps go beyond generic advice by focusing on embedded device identification, patch application, and operational controls specific to the nature of this vulnerability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland
CVE-2025-21821: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2 Hardware name: Nokia 770 Call trace: unwind_backtrace from show_stack+0x10/0x14 show_stack from dump_stack_lvl+0x54/0x5c dump_stack_lvl from __schedule_bug+0x50/0x70 __schedule_bug from __schedule+0x4d4/0x5bc __schedule from schedule+0x34/0xa0 schedule from schedule_preempt_disabled+0xc/0x10 schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4 __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4 clk_prepare_lock from clk_set_rate+0x18/0x154 clk_set_rate from sossi_read_data+0x4c/0x168 sossi_read_data from hwa742_read_reg+0x5c/0x8c hwa742_read_reg from send_frame_handler+0xfc/0x300 send_frame_handler from process_pending_requests+0x74/0xd0 process_pending_requests from lcd_dma_irq_handler+0x50/0x74 lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130 __handle_irq_event_percpu from handle_irq_event+0x28/0x68 handle_irq_event from handle_level_irq+0x9c/0x170 handle_level_irq from generic_handle_domain_irq+0x2c/0x3c generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c generic_handle_arch_irq from call_with_stack+0x1c/0x24 call_with_stack from __irq_svc+0x94/0xa8 Exception stack(0xc5255da0 to 0xc5255de8) 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94 5de0: 60000013 ffffffff __irq_svc from clk_prepare_lock+0x4c/0xe4 clk_prepare_lock from clk_get_rate+0x10/0x74 clk_get_rate from uwire_setup_transfer+0x40/0x180 uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664 spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498 __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8 __spi_sync from spi_sync+0x24/0x40 spi_sync from ads7846_halfd_read_state+0x5c/0x1c0 ads7846_halfd_read_state from ads7846_irq+0x58/0x348 ads7846_irq from irq_thread_fn+0x1c/0x78 irq_thread_fn from irq_thread+0x120/0x228 irq_thread from kthread+0xc8/0xe8 kthread from ret_from_fork+0x14/0x28 As a quick fix, switch to a threaded IRQ which provides a stable system.
AI-Powered Analysis
Technical Analysis
CVE-2025-21821 is a vulnerability identified in the Linux kernel affecting the framebuffer device (fbdev) driver for OMAP platforms, specifically related to the handling of LCD DMA interrupts when using touchscreen and framebuffer functionalities. The issue manifests as a system crash on devices such as the Nokia 770, triggered by a 'BUG: scheduling while atomic' error during interrupt handling. The root cause is related to the use of a non-threaded interrupt request (IRQ) handler for LCD DMA operations, which leads to improper scheduling attempts in atomic context, causing kernel panics and system instability. The technical trace indicates that the problem arises from the irq/144-ads7846 handler, which interacts with the touchscreen controller and framebuffer DMA, ultimately leading to a deadlock or crash due to scheduling calls in atomic context. The recommended fix is to switch from a standard IRQ handler to a threaded IRQ handler for the LCD DMA, which allows the interrupt handling code to sleep safely and avoid scheduling in atomic context, thus stabilizing the system. This vulnerability affects specific Linux kernel versions identified by the commit hash 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and is relevant primarily to embedded devices using OMAP hardware with touchscreen and framebuffer support. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the impact of CVE-2025-21821 is primarily relevant to those deploying embedded Linux systems based on OMAP hardware platforms, such as industrial control systems, specialized handheld devices, or legacy equipment like the Nokia 770. The vulnerability can cause system crashes and instability, leading to denial of service conditions on affected devices. This could disrupt critical operations in sectors relying on embedded Linux devices with touchscreen interfaces, including manufacturing, healthcare, and telecommunications. While the vulnerability does not appear to allow privilege escalation or remote code execution, the resulting instability could impact availability and operational continuity. Organizations using custom or legacy Linux kernels with OMAP support should be particularly vigilant. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental crashes or targeted disruption by attackers with local access or the ability to trigger touchscreen/framebuffer operations.
Mitigation Recommendations
To mitigate CVE-2025-21821, organizations should: 1) Identify all embedded Linux devices using OMAP hardware with touchscreen and framebuffer support, especially those running kernel versions matching the affected commit. 2) Apply the upstream Linux kernel patch that switches the LCD DMA IRQ handler to a threaded IRQ model, which is the recommended fix to prevent scheduling in atomic context. 3) For devices where kernel updates are not feasible, consider disabling touchscreen or framebuffer features if possible to reduce exposure. 4) Implement monitoring for kernel crashes or instability symptoms related to IRQ handling on affected devices. 5) Engage with device vendors or maintainers to obtain updated firmware or kernel versions incorporating the fix. 6) Limit local access to affected devices to reduce the risk of intentional triggering of the vulnerability. These steps go beyond generic advice by focusing on embedded device identification, patch application, and operational controls specific to the nature of this vulnerability.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-12-29T08:45:45.775Z
- Cisa Enriched
- false
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9832c4522896dcbe8909
Added to database: 5/21/2025, 9:09:06 AM
Last enriched: 6/30/2025, 9:27:35 AM
Last updated: 8/16/2025, 5:57:10 PM
Views: 18
Related Threats
CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumCVE-2025-54759: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.