CVE-2025-39699

Summary

In the Linux kernel, the following vulnerability has been resolved:

iommu/riscv: prevent NULL deref in iova_to_phys

The riscv_iommu_pte_fetch() function returns either NULL for unmapped/never-mapped iova, or a valid leaf pte pointer that requires no further validation.

riscv_iommu_iova_to_phys() failed to handle NULL returns. Prevent null pointer dereference in riscv_iommu_iova_to_phys(), and remove the pte validation.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux488ffbf181718b9ad8c1838cb249d60973e78eda < 220c491490255b656672bb572b18460cd9155926affected
LinuxLinux488ffbf181718b9ad8c1838cb249d60973e78eda < 99d4d1a070870aa08163af8ce0522992b7f35d8caffected
LinuxLinux6.13affected
LinuxLinux0 < 6.13unaffected
LinuxLinux6.16.4 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References