CVE-2025-23135

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A vulnerability in the Linux kernel has been resolved. The issue occurs during a module removal, where kvm exit invokes arch-specific disable calls, which can lead to inconsistent state of IRQ. This results in a warning when trying to insert the KVM kernel module afterwards. The vulnerability is related to the RISC-V architecture and the KVM (Kernel-based Virtual Machine) module.

Recommendations For Linux kernel versions prior to the fixed version, invoke aia exit and other arch-specific cleanup functions after kvm exit to ensure that disable gets a chance to be called first before exit. At the moment, there is no information about a newer version that contains a fix for this vulnerability.