CVE-2025-22011

Published: Apr 8, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4 the VPU firmware always crashes on xHCI power-domain resume: root@raspberrypi:/sys/power# echo freeze > state [ 70.724347] xhci_suspend finished [ 70.727730] xhci_plat_suspend finished [ 70.755624] bcm2835-power bcm2835-power: Power grafx off [ 70.761127] USB: Set power to 0 [ 74.653040] USB: Failed to set power to 1 (-110) This seems to be caused because of the mixed usage of raspberrypi-power and bcm2835-power at the same time. So avoid the usage of the VPU firmware power-domain driver, which prevents the VPU crash.

Vendor	Product	Versions
Linux	Linux	affected `522c35e08b53f157ad3e51848caa861b258001e4 - < b8a47aa0b3df701d0fc41b3caf78d00571776be0` affected `522c35e08b53f157ad3e51848caa861b258001e4 - < 393947e06867923d4c2be380d46efd03407a8ce2` affected `522c35e08b53f157ad3e51848caa861b258001e4 - < f44fa354a0715577ca32b085f6f60bcf32c748dd`
Linux	Linux	affected `6.8` unaffected `0 - < 6.8` unaffected `6.12.21 - <= 6.12.` unaffected `6.13.9 - <= 6.13.` unaffected `6.14 - <= *`

References

https://git.kernel.org/stable/c/b8a47aa0b3df701d0fc41b3caf78d00571776be0

https://git.kernel.org/stable/c/393947e06867923d4c2be380d46efd03407a8ce2

https://git.kernel.org/stable/c/f44fa354a0715577ca32b085f6f60bcf32c748dd

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-22011

Description

Affected Products

References