CVE-2025-68334
Lifecycle Timeline
3Description
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Add support for Van Gogh SoC The ROG Xbox Ally (non-X) SoC features a similar architecture to the Steam Deck. While the Steam Deck supports S3 (s2idle causes a crash), this support was dropped by the Xbox Ally which only S0ix suspend. Since the handler is missing here, this causes the device to not suspend and the AMD GPU driver to crash while trying to resume afterwards due to a power hang.
Analysis
Linux kernel AMD platform management controller (PMC) driver lacks Van Gogh SoC suspend handler support, preventing S0ix suspend operations on affected devices and causing GPU driver crashes during resume due to power management failures. ASUS ROG Ally (non-X) handheld gaming devices are directly impacted. Local attackers or unprivileged users can trigger denial of service by attempting system suspend, rendering the device unresponsive and forcing a hard reboot. The vulnerability carries low exploitation probability (EPSS 0.03%) but affects a specific consumer hardware class; upstream patches are available in stable kernel branches.
Technical Context
The vulnerability exists in the platform/x86/amd/pmc Linux kernel subsystem, which manages power states on AMD SoCs through the Platform Management Controller interface. The Van Gogh SoC (used in ASUS ROG Ally non-X models) implements S0ix (S0 with CPU and uncore subsystem idle) rather than S3 suspend-to-RAM like Steam Deck variants. The missing handler prevents proper firmware communication during S0ix transitions, leaving power rails and GPU clocks in inconsistent states. When the AMD GPU driver attempts to resume, it encounters a hardware power hang, triggering a crash. This is categorized as a missing feature/handler implementation rather than a buffer overflow or memory corruption, falling under improper resource management patterns. The root cause is incomplete device support matrix in the pmc.c platform driver code.
Affected Products
Linux kernel versions prior to the fixes integrated into stable branches are affected, specifically on systems running ASUS ROG Ally (non-X) and other devices using the Van Gogh SoC. Kernel commits 8af210df4f71dda74dc027da69372a028c6d4d84, 9654c56b111cd1415aca7e77f0c63c109453c409, 996092ba6df66e2ac8cf9022007a7c8a412e7733, and db4a3f0fbedb0398f77b9047e8b8bb2b49f355bb in the stable kernel repository represent the corrective patches. Ubuntu advisory USN-8094-4 references this CVE, indicating inclusion in Ubuntu kernel security updates. The exact upstream kernel version ranges are not explicitly specified in the provided data, but patches are available in stable Git branches as referenced at https://git.kernel.org/stable/.
Remediation
Update the Linux kernel to a version incorporating the Van Gogh PMC handler fixes available in stable kernel branches (commits referenced at https://git.kernel.org/stable/c/8af210df4f71dda74dc027da69372a028c6d4d84 and related commits). For Ubuntu systems, apply USN-8094-4 security updates. If immediate patching is not feasible, disable S0ix suspend and enforce S3 suspend via kernel command-line parameter 'mem_sleep_default=deep' or BIOS settings where available; note that S3 may not be fully supported on Xbox Ally hardware. Users should avoid suspending the device until patches are applied, relying instead on screen timeout and manual power-off. Hardware vendors (ASUS) may release BIOS updates that implement PMC firmware corrections independently of kernel updates.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today