CVE-2025-22094: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's PowerPC performance monitoring unit (PMU) was discovered and assigned CVE-2025-22094. The issue was disclosed on April 16, 2025, affecting the 'vpa_pmu' module which exposes Book3s-HV nested APIv2 provided L1<->L2 context switch latency counters to L1 user-space via perf-events (NVD).

The vulnerability stems from a reference counting issue where the newly introduced PMU named 'vpa_pmu' doesn't assign ownership of the PMU to its module. This allows the module to be unloaded while perf-events are still active, potentially leading to kernel oops and system panic. The issue manifests as a NULL pointer dereference on read at address 0x00000058, triggering kernel panics with the message 'Aiee, killing interrupt handler!' The vulnerability has been assigned a CVSS v3.1 base score of 5.5 with attack vector: Local, attack complexity: Low, privileges required: Low, user interaction: None, scope: Unchanged, and impact primarily affecting availability (Red Hat XML).

When exploited, this vulnerability can cause system instability through kernel panics, specifically on Pseries-LPAR systems. The impact is primarily focused on system availability, as the NULL pointer dereference can lead to system crashes when the module is unloaded while perf-events are still active (NVD).

The fix involves adding module ownership to 'vpa_pmu' so that the module is properly ref-counted and prevented from being unloaded when perf-events are initialized. This ensures the module remains loaded as long as there are active perf-events using it (NVD).