CVE-2025-40293
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Don't overflow during division for dirty tracking
If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0.
In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < 07105e61882ff4a7d58db63cc5f9e90c6c60506c | affected |
| Linux | Linux | 58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < 4c8a4f1d34eced168cc0b3a3dfe7b6dcc2090f69 | affected |
| Linux | Linux | 58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < de7f2c67ceb1941b05b04ac35458a03e93cc57b1 | affected |
| Linux | Linux | 58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < dbf316fc90aa954dcd5440817f4b944627ed63e0 | affected |
| Linux | Linux | 58ccf0190d19d9a8a41f8a02b9e06742b58df4a1 < cb30dfa75d55eced379a42fd67bd5fb7ec38555e | affected |
| Linux | Linux | 6.1 | affected |
| Linux | Linux | 0 < 6.1 | unaffected |
| Linux | Linux | 6.1.159 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.117 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.58 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.8 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/07105e61882ff4a7d58db63cc5f9e90c6c60506c
- https://git.kernel.org/stable/c/4c8a4f1d34eced168cc0b3a3dfe7b6dcc2090f69
- https://git.kernel.org/stable/c/de7f2c67ceb1941b05b04ac35458a03e93cc57b1
- https://git.kernel.org/stable/c/dbf316fc90aa954dcd5440817f4b944627ed63e0
- https://git.kernel.org/stable/c/cb30dfa75d55eced379a42fd67bd5fb7ec38555e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.