CVE-2025-40293

Summary

In the Linux kernel, the following vulnerability has been resolved:

iommufd: Don't overflow during division for dirty tracking

If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0.

In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < 07105e61882ff4a7d58db63cc5f9e90c6c60506caffected
LinuxLinux58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < 4c8a4f1d34eced168cc0b3a3dfe7b6dcc2090f69affected
LinuxLinux58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < de7f2c67ceb1941b05b04ac35458a03e93cc57b1affected
LinuxLinux58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < dbf316fc90aa954dcd5440817f4b944627ed63e0affected
LinuxLinux58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < cb30dfa75d55eced379a42fd67bd5fb7ec38555eaffected
LinuxLinux6.1affected
LinuxLinux0 < 6.1unaffected
LinuxLinux6.1.159 <= 6.1.*unaffected
LinuxLinux6.6.117 <= 6.6.*unaffected
LinuxLinux6.12.58 <= 6.12.*unaffected
LinuxLinux6.17.8 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References