PT-2025-44093 · Linux+4 · Linux Kernel+4

Published: 2025-07-15 · Updated: 2026-05-26

CVE-2025-40026

CVSS v2.0: 6.0 (Medium)

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.16.0-rc5-c1610d2d66b1-next-vm

Description

The Linux kernel contains an issue within the KVM component related to handling L1 intercepts during userspace I/O completion. Specifically, the kernel may recheck L1 intercepts even after KVM has finished the initial phase of instruction execution, potentially leading to incorrect I/O permission handling. This can occur when port I/O interception is toggled during a userspace I/O exit, resulting in a warning related to the vcpu->arch.pio.count value. The issue was detected by a syzkaller program.

Recommendations

Update to version 6.16.0-rc5-c1610d2d66b1-next-vm or a later version to address this issue.

Related Identifiers

BDU:2025-13607
CVE-2025-40026
DLA-4379-1
DLA-4404-1
DSA-6053-1
ECHO-9475-E0D5-F6B9
MGASA-2025-0309
MGASA-2025-0310
OESA-2025-2656
OESA-2025-2657
OESA-2025-2658
OPENSUSE-SU-2025:15702-1
OPENSUSE-SU-2026:10301-1
USN-7906-1
USN-7906-2
USN-7906-3
USN-8033-1
USN-8033-2
USN-8033-3
USN-8033-4
USN-8033-5
USN-8033-6
USN-8033-7
USN-8033-8
USN-8034-1
USN-8034-2
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Debian
KVM
Linux Mint
Linux Kernel
Ubuntu