CVE-2025-39699
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
iommu/riscv: prevent NULL deref in iova_to_phys
The riscv_iommu_pte_fetch() function returns either NULL for unmapped/never-mapped iova, or a valid leaf pte pointer that requires no further validation.
riscv_iommu_iova_to_phys() failed to handle NULL returns. Prevent null pointer dereference in riscv_iommu_iova_to_phys(), and remove the pte validation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 488ffbf181718b9ad8c1838cb249d60973e78eda < 220c491490255b656672bb572b18460cd9155926 | affected |
| Linux | Linux | 488ffbf181718b9ad8c1838cb249d60973e78eda < 99d4d1a070870aa08163af8ce0522992b7f35d8c | affected |
| Linux | Linux | 6.13 | affected |
| Linux | Linux | 0 < 6.13 | unaffected |
| Linux | Linux | 6.16.4 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/220c491490255b656672bb572b18460cd9155926
- https://git.kernel.org/stable/c/99d4d1a070870aa08163af8ce0522992b7f35d8c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.