CVE-2025-21645: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-21645 affects the Linux kernel's platform/x86/amd/pmc component. The vulnerability was discovered and disclosed on January 19, 2025, and involves an issue where IRQ1 wakeup should only be disabled in cases where i8042 had actually enabled it. This vulnerability affects various Linux kernel versions and AMD platforms (NVD, Debian Tracker).

The vulnerability occurs when the PMC driver uses DEFINESIMPLEDEVPMOPS() to define its devpmops, which sets amdpmcsuspendhandler() to the .suspend, .freeze, and .poweroff handlers. However, i8042pmsuspend() is only set as the .suspend handler. This mismatch causes the 'wakedepth' for IRQ1 to attempt to drop below zero, resulting in an unpleasant WARN() being logged. The issue can be reproduced by hibernating (S4) the machine after a fresh boot without putting it into s2idle first (Kernel Commit).

When triggered, the vulnerability results in system warnings and potential system instability. The specific warning message appears as: 'kernel: atkbd serio0: Disabling IRQ1 wakeup source to avoid platform firmware bug' followed by an 'Unbalanced IRQ 1 wake disable' warning (Kernel Commit).

The issue has been fixed by modifying the PMC suspend handler to only be called from the same set of devpmops handlers as i8042pmsuspend(), which currently means just the .suspend handler. This fix has been implemented through a kernel patch that changes the DEFINESIMPLEDEVPMOPS to explicitly define only the .suspend operation (Kernel Commit).