CVE-2025-21840
📋 TL;DR
A Linux kernel vulnerability in the thermal netlink subsystem causes segmentation faults in userspace tools like intel-lpmd when they use outdated attribute values. This occurs due to improper ordering of enum values in a kernel UAPI header, affecting systems using thermal management features. The issue primarily impacts userspace applications that rely on thermal netlink events.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Denial of service through segmentation faults in critical thermal management tools, potentially affecting system stability and thermal regulation.
Likely Case
Userspace applications like intel-lpmd crash with segmentation faults when processing thermal events, disrupting thermal monitoring functionality.
If Mitigated
No impact if affected userspace tools are updated or not in use, or if the kernel is patched.
🎯 Exploit Status
This is not a traditional security exploit but a compatibility issue that causes crashes. No malicious exploitation required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in commits 3a4ca365c51729143a2cab693cd40fe0bb585ef0 and c195b9c6ab9c383d7aa3f4a65879b3ca90cb378b
Vendor Advisory: https://git.kernel.org/stable/c/3a4ca365c51729143a2cab693cd40fe0bb585ef0
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fix commits. 2. Reboot system. 3. Update userspace thermal tools like intel-lpmd to versions compatible with the kernel changes.
🔧 Temporary Workarounds
Disable affected thermal tools
linuxStop or disable intel-lpmd and other thermal management tools that use thermal netlink events.
sudo systemctl stop intel-lpmd
sudo systemctl disable intel-lpmd
Update userspace tools
linuxUpdate intel-lpmd to version that checks THERMAL_GENL_VERSION and uses correct attribute values.
sudo apt update && sudo apt upgrade intel-lpmd
or use distribution-specific package update commands
🧯 If You Can't Patch
- Disable or remove intel-lpmd and other thermal netlink-dependent tools
- Use kernel versions before commit 1773572863c4 or after the fix commits
🔍 How to Verify
Check if Vulnerable:
Check if intel-lpmd or similar tools crash with segmentation faults when processing thermal events, or check kernel version against affected range.Check Version:
uname -rVerify Fix Applied:
Verify kernel contains fix commits and intel-lpmd runs without segmentation faults.📡 Detection & Monitoring
Log Indicators:
- Segmentation fault errors in system logs for intel-lpmd
- Kernel panic or thermal subsystem errors
Network Indicators:
- None - this is not network exploitable
SIEM Query:
source="system_logs" AND ("segmentation fault" AND "intel-lpmd") OR ("thermal" AND "netlink" AND "error")