Legacy Mode Vulnerability in Linux Kernel Affecting Multiple Versions
CVE-2025-40155

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 November 2025

What is CVE-2025-40155?

A vulnerability exists in the debugfs for the IOMMU in the Linux kernel, specifically affecting legacy mode page table dump logic. When the translation type (TT) is not set to 00b or 01b, the SSPTPTR may remain uninitialized or set to zero, potentially leading to a critical system fault. This can result in a general protection fault for non-canonical addresses, disrupting system operations. Proper measures should be taken to avoid accessing the page table under these circumstances to maintain system stability.

Affected Version(s)

Linux 2b437e80456654df3980706384065d444f4bb54d

References

https://git.kernel.org/stable/c/d8cf7b59c49f9118fa875462e...

https://git.kernel.org/stable/c/df2bf759a0bdb71f13e327d75...

https://git.kernel.org/stable/c/fbe6070c73badca726e4ff787...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2025
Vulnerability Reserved
Apr 16, 2025

JSON