{"id":"CVE-2025-38322","summary":"perf/x86/intel: Fix crash in icl_update_topdown_event()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Fix crash in icl_update_topdown_event()\n\nThe perf_fuzzer found a hard-lockup crash on a RaptorLake machine:\n\n  Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000\n  CPU: 23 UID: 0 PID: 0 Comm: swapper/23\n  Tainted: [W]=WARN\n  Hardware name: Dell Inc. Precision 9660/0VJ762\n  RIP: 0010:native_read_pmc+0x7/0x40\n  Code: cc e8 8d a9 01 00 48 89 03 5b cd cc cc cc cc 0f 1f ...\n  RSP: 000:fffb03100273de8 EFLAGS: 00010046\n  ....\n  Call Trace:\n    \u003cTASK\u003e\n    icl_update_topdown_event+0x165/0x190\n    ? ktime_get+0x38/0xd0\n    intel_pmu_read_event+0xf9/0x210\n    __perf_event_read+0xf9/0x210\n\nCPUs 16-23 are E-core CPUs that don't support the perf metrics feature.\nThe icl_update_topdown_event() should not be invoked on these CPUs.\n\nIt's a regression of commit:\n\n  f9bdf1f95339 (\"perf/x86/intel: Avoid disable PMU if !cpuc-\u003eenabled in sample read\")\n\nThe bug introduced by that commit is that the is_topdown_event() function\nis mistakenly used to replace the is_topdown_count() call to check if the\ntopdown functions for the perf metrics feature should be invoked.\n\nFix it.","modified":"2026-04-02T12:47:56.082449Z","published":"2025-07-10T08:14:57.603Z","related":["SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","SUSE-SU-2026:0447-1","SUSE-SU-2026:0471-1","SUSE-SU-2026:0472-1","SUSE-SU-2026:0587-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2025:20081-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38322.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/702ea6028032d6c1fe96c2d4762a3575e3654819"},{"type":"WEB","url":"https://git.kernel.org/stable/c/79e2dd573116d3338507c311460da9669095c94d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a85cc69acdcb05f8cd226b8ea0778b8e2e887e6f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b0823d5fbacb1c551d793cbfe7af24e0d1fa45ed"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e97c45c770f5e56c784a46c2a96ab968d26b97d9"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38322.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38322"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"781b2db0eb7731fbde510c268b7ccc62959c3feb"},{"fixed":"702ea6028032d6c1fe96c2d4762a3575e3654819"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e7f6922c8a5b41522a8329ea6bbf815993b2dd28"},{"fixed":"79e2dd573116d3338507c311460da9669095c94d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3a8bec6583e5239de3bd597ab382dc6c2b0c29a1"},{"fixed":"e97c45c770f5e56c784a46c2a96ab968d26b97d9"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f9bdf1f953392c9edd69a7f884f78c0390127029"},{"fixed":"a85cc69acdcb05f8cd226b8ea0778b8e2e887e6f"},{"fixed":"b0823d5fbacb1c551d793cbfe7af24e0d1fa45ed"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"06cd7bfbb86e9db3e9013ea6636ad2c6f0a1664d"},{"last_affected":"d8370aa704bd7e384918c8f466856374725c0585"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38322.json"}}],"schema_version":"1.7.5"}