CVE-2025-21833

Summary

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE

There is a WARN_ON_ONCE to catch an unlikely situation when domain_remove_dev_pasid can't find the pasid. In case it nevertheless happens we must avoid using a NULL pointer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd87731f609318a27e9aa3d01cf97798599d32839 < 68ec78beb4a3fb0877cbaaf49758c85410c05977affected
LinuxLinuxd87731f609318a27e9aa3d01cf97798599d32839 < df96876be3b064aefc493f760e0639765d13ed0daffected
LinuxLinuxd87731f609318a27e9aa3d01cf97798599d32839 < 60f030f7418d3f1d94f2fb207fe3080e1844630baffected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.12.57 <= 6.12.*unaffected
LinuxLinux6.13.3 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References