CVE-2025-22011
📋 TL;DR
This vulnerability in the Linux kernel's ARM device tree for Raspberry Pi CM4 causes a crash in the VPU firmware when resuming from suspend-to-idle (s2idle) state due to conflicting power-domain drivers. It affects systems using Raspberry Pi CM4 with specific kernel versions. The crash prevents proper USB controller resumption and could lead to system instability.
💻 Affected Systems
- Raspberry Pi Compute Module 4 (CM4)
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System becomes unresponsive or crashes during suspend/resume cycles, potentially causing data loss or requiring physical reboot.
Likely Case
USB functionality fails to resume properly after suspend, requiring system reboot to restore functionality.
If Mitigated
Minor system instability during power state transitions with no data loss.
🎯 Exploit Status
This is a system stability issue rather than a security vulnerability that can be actively exploited. It requires physical access or local user privileges to trigger via suspend operations.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commit 393947e06867923d4c2be380d46efd03407a8ce2 or later
Vendor Advisory: https://git.kernel.org/stable/c/393947e06867923d4c2be380d46efd03407a8ce2
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commit. 2. For Raspberry Pi OS: Update via 'sudo apt update && sudo apt upgrade'. 3. Rebuild kernel if using custom kernel. 4. Reboot system after update.
🔧 Temporary Workarounds
Disable s2idle suspend mode
linuxPrevent system from entering the problematic suspend state
echo deep > /sys/power/mem_sleep
Disable USB suspend
linuxPrevent USB controller from suspending
for i in /sys/bus/usb/devices/*/power/autosuspend; do echo -1 > $i; done
🧯 If You Can't Patch
- Avoid using suspend-to-idle (s2idle) power states on affected systems
- Implement monitoring for system crashes during suspend/resume cycles and have reboot procedures ready
🔍 How to Verify
Check if Vulnerable:
Check if system uses Raspberry Pi CM4 and has experienced VPU firmware crashes during suspend/resume with error 'Failed to set power to 1 (-110)' in kernel logsCheck Version:
uname -rVerify Fix Applied:
Check kernel version contains fix commit: 'uname -r' and verify with 'git log --oneline | grep 393947e06867923d4c2be380d46efd03407a8ce2'📡 Detection & Monitoring
Log Indicators:
- kernel logs showing 'Failed to set power to 1 (-110)'
- VPU firmware crash messages during suspend/resume
- xhci_suspend/xhci_plat_suspend errors
Network Indicators:
- None - this is a local system issue
SIEM Query:
source="kernel" AND ("Failed to set power to 1 (-110)" OR "VPU firmware crash" OR "xhci_suspend finished" AND "bcm2835-power")