PT-2025-44126 · Linux+7 · Linux Kernel+7

Published

2025-09-26

·

Updated

2026-05-07

·

CVE-2025-40058

CVSS v2.0

4.5

Medium

VectorAV:L/AC:H/Au:S/C:N/I:P/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw in the IOMMU/VT-d component related to dirty page tracking. Dirty page tracking depends on the IOMMU atomically updating the dirty bit in the paging-structure entry, which requires coherent paging-structure memory between the IOMMU and the CPU. The Intel VT-d specification indicates that attempting to atomically update bits in a non-snooped paging-structure entry will result in a non-recoverable fault. The issue arises when an IOMMU is incorrectly configured for dirty page tracking while operating in an incoherent mode. This can occur if SSADS is supported without both ecap slads and ecap smpwc being supported.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2025:22405
ALSA-2025:22854
BDU:2025-13645
CVE-2025-40058
INFSA-2025_22405
OESA-2026-1305
OPENSUSE-SU-2025:15702-1
OPENSUSE-SU-2025:20091-1
OPENSUSE-SU-2026:10301-1
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:21080-1
SUSE-SU-2025:21147-1
SUSE-SU-2025:21180-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4128-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4301-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Almalinux
Intel Vt-D
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu