CVE-2025-40058
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Disallow dirty tracking if incoherent page walk
Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- structure memory must be coherent between the IOMMU and the CPU. In another word, if the iommu page walk is incoherent, dirty page tracking doesn't work.
The Intel VT-d specification, Section 3.10 "Snoop Behavior" states:
"Remapping hardware encountering the need to atomically update A/EA/D bits in a paging-structure entry that is not snooped will result in a non- recoverable fault."
To prevent an IOMMU from being incorrectly configured for dirty page tracking when it is operating in an incoherent mode, mark SSADS as supported only when both ecap_slads and ecap_smpwc are supported.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | f35f22cc760eb2c7034bf53251399685d611e03f < ebe16d245a00626bb87163862a1b07daf5475a3e | affected |
| Linux | Linux | f35f22cc760eb2c7034bf53251399685d611e03f < 8d096ce0e87bdc361f0b25d7943543bc53aa0b9e | affected |
| Linux | Linux | f35f22cc760eb2c7034bf53251399685d611e03f < 57f55048e564dedd8a4546d018e29d6bbfff0a7e | affected |
| Linux | Linux | 6.7 | affected |
| Linux | Linux | 0 < 6.7 | unaffected |
| Linux | Linux | 6.12.53 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.3 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/ebe16d245a00626bb87163862a1b07daf5475a3e
- https://git.kernel.org/stable/c/8d096ce0e87bdc361f0b25d7943543bc53aa0b9e
- https://git.kernel.org/stable/c/57f55048e564dedd8a4546d018e29d6bbfff0a7e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.