Linux Kernel Vulnerability Affecting IOMMU Functionality
CVE-2025-37877

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 May 2025

Summary

A vulnerability has been identified in the Linux kernel that affects the handling of Input/Output Memory Management Units (IOMMU). When the function iommu_device_register() encounters an error, it can improperly manage the teardown of configured groups and default domains. This may result in devices still being linked to iommu-dma, despite the dysfunction of the IOMMU driver. The lack of proper cleanup could lead to system instability, such as crashes within the iommu-dma operations. Enhancements have been proposed to ensure that the dev->dma_iommu flag and related configurations are thoroughly reset, maintaining system integrity.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 104a84276821aed0ed241ce0d82d6c3267e3fcb8

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 280e5a30100578106a4305ce0118e0aa9b866f12

References

https://git.kernel.org/stable/c/b14d98641312d972bb3f38e82...

https://git.kernel.org/stable/c/104a84276821aed0ed241ce0d...

https://git.kernel.org/stable/c/280e5a30100578106a4305ce0...

Timeline

Vulnerability published
May 9, 2025
Vulnerability Reserved
Apr 16, 2025