PT-2025-10071 · Linux+9 · Linux Kernel+9

John Stultz

·

Published

2025-02-12

·

Updated

2026-05-26

·

CVE-2025-21839

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A bug in the Linux kernel's KVM (Kernel-based Virtual Machine) implementation allows the guest's DR6 value to be clobbered when the guest modifies DR6 and then a fastpath VM-Exit occurs. This issue primarily affects nested VMX setups, where the window between hardware DR6 being modified and DR6 being read by guest software is larger. The bug can cause the guest's actual DR6 value to be lost.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Initialization

Weakness Enumeration

CWE-665

Related Identifiers

ALSA-2025:20518
BDU:2025-12248
CVE-2025-21839
DLA-4271-1
DSA-5925-1
ECHO-7E27-4885-0E91
INFSA-2025_20518
OESA-2025-2077
OESA-2025-2078
OESA-2025-2079
OPENSUSE-SU-2025_01620-1
OPENSUSE-SU-2025_01640-1
OPENSUSE-SU-2025_1195-1
RHSA-2025:20518
RHSA-2025_20518
SUSE-SU-2025:01620-1
SUSE-SU-2025:01640-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1195-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025_01620-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
SUSE-SU-2025_1195-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1
USN-7703-1
USN-7703-2
USN-7703-3
USN-7703-4
USN-7711-1
USN-7712-1
USN-7712-2
USN-7719-1
USN-7737-1

Affected Products

Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu