Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

      July 11, 2025

      Vibe Loop: AI-native reliability engineering for the real world

      July 10, 2025

      Docker Compose gets new features for building and running agents

      July 10, 2025

      Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

      July 10, 2025

      This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

      July 11, 2025

      These are the 5 Prime Day deals I’d buy if I weren’t about to have a baby

      July 11, 2025

      OpenAI’s $6.5 billion purchase fuels Sam Altman’s quest to build next-gen computers for “transcendentally good” AI — The biggest tech disruption since the iPhone?

      July 11, 2025

      Don’t miss out on the best ROG Ally accessory deals going on now — Improve your gaming handheld PC with a microSD card, power bank, dock, and more

      July 11, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      Regolith – A JavaScript library immune to ReDoS attacks

      July 11, 2025
      Recent

      Regolith – A JavaScript library immune to ReDoS attacks

      July 11, 2025

      Create Your Own Redux: Build a Custom State Management in React

      July 11, 2025

      Perficient Nagpur Celebrates Contentstack Implementation Certification Success!

      July 11, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

      July 11, 2025
      Recent

      This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

      July 11, 2025

      These are the 5 Prime Day deals I’d buy if I weren’t about to have a baby

      July 11, 2025

      OpenAI’s $6.5 billion purchase fuels Sam Altman’s quest to build next-gen computers for “transcendentally good” AI — The biggest tech disruption since the iPhone?

      July 11, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Security»Common Vulnerabilities and Exposures (CVEs)»CVE-2025-38335 – Linux Kernel gpio-keys Soft Lockup Vulnerability

    CVE-2025-38335 – Linux Kernel gpio-keys Soft Lockup Vulnerability

    July 10, 2025

    CVE ID : CVE-2025-38335

    Published : July 10, 2025, 9:15 a.m. | 4 hours, 51 minutes ago

    Description : In the Linux kernel, the following vulnerability has been resolved:

    Input: gpio-keys – fix a sleep while atomic with PREEMPT_RT

    When enabling PREEMPT_RT, the gpio_keys_irq_timer() callback runs in
    hard irq context, but the input_event() takes a spin_lock, which isn’t
    allowed there as it is converted to a rt_spin_lock().

    [ 4054.289999] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48
    [ 4054.290028] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/0
    …
    [ 4054.290195] __might_resched+0x13c/0x1f4
    [ 4054.290209] rt_spin_lock+0x54/0x11c
    [ 4054.290219] input_event+0x48/0x80
    [ 4054.290230] gpio_keys_irq_timer+0x4c/0x78
    [ 4054.290243] __hrtimer_run_queues+0x1a4/0x438
    [ 4054.290257] hrtimer_interrupt+0xe4/0x240
    [ 4054.290269] arch_timer_handler_phys+0x2c/0x44
    [ 4054.290283] handle_percpu_devid_irq+0x8c/0x14c
    [ 4054.290297] handle_irq_desc+0x40/0x58
    [ 4054.290307] generic_handle_domain_irq+0x1c/0x28
    [ 4054.290316] gic_handle_irq+0x44/0xcc

    Considering the gpio_keys_irq_isr() can run in any context, e.g. it can
    be threaded, it seems there’s no point in requesting the timer isr to
    run in hard irq context.

    Relax the hrtimer not to use the hard context.

    Severity: 0.0 | NA

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleCVE-2025-38338 – “NFS Linux Kernel Deadlock and Unlocked Folio Vulnerability”
    Next Article CVE-2025-38336 – VIA ata DMA Hard Hang Vulnerability

    Related Posts

    Development

    Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

    July 11, 2025
    Development

    Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

    July 11, 2025
    Leave A Reply Cancel Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

    Continue Reading

    Introducing Gemini 2.5 Flash

    Artificial Intelligence
    Elon Musk got roasted in Path of Exile 2 livestream — He rage-quit after dying over and over

    Elon Musk got roasted in Path of Exile 2 livestream — He rage-quit after dying over and over

    News & Updates

    Transforming News Into Audio Experiences with MongoDB and AI

    Databases

    Burn It With Fire: How to Eliminate an Industry-Wide Supply Chain Vulnerability

    Security

    Highlights

    CVE-2025-39412 – Averta Master Slider Unauthenticated Access Vulnerability

    May 19, 2025

    CVE ID : CVE-2025-39412

    Published : May 19, 2025, 6:15 p.m. | 33 minutes ago

    Description : Missing Authorization vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.10.8.

    Severity: 4.3 | MEDIUM

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    CVE-2025-39395 – Mojoomla WPAMS SQL Injection

    May 19, 2025

    CVE-2025-47153 – “Nodejs libuv Out-of-Bounds Access Vulnerability”

    May 1, 2025

    rbw is an unofficial Bitwarden CLI

    April 14, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.