CVE-2025-38064
BaseFortify

Publication date: 2025-06-18

Last updated on: 2025-11-14

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

virtio: break and reset virtio devices on device_shutdown()

Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory accesses during the hang.

    Invalid read at addr 0x102877002, size 2, region '(null)', reason: rejected
    Invalid write at addr 0x102877A44, size 2, region '(null)', reason: rejected
    ...

It was traced down to virtio-console. Kexec works fine if virtio-console is not in use.

The issue is that virtio-console continues to write to the MMIO even after underlying virtio-pci device is reset.

Additionally, Eric noticed that IOMMUs are reset before devices, if devices are not reset on shutdown they continue to poke at guest memory and get errors from the IOMMU. Some devices get wedged then.

The problem can be solved by breaking all virtio devices on virtio bus shutdown, then resetting them.

Meta Information
Published: 2025-06-18
Last Modified: 2025-11-14
Generated: 2026-05-07
AI Q&A: 2025-06-18
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor | Product | Version / Range
linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc)
CWE ID Description
CWE-NVD-CWE-noinfo
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's virtio subsystem, specifically with virtio-console. The issue is that virtio-console continues to write to memory-mapped I/O (MMIO) even after the underlying virtio-pci device has been reset during device shutdown. This causes invalid memory accesses and can lead to system hangs, particularly during kexec in virtual machines. The root cause is that devices are not properly broken and reset on shutdown, allowing them to continue accessing guest memory incorrectly.


How can this vulnerability impact me?

This vulnerability can cause system hangs and instability in virtual machines using virtio-console, especially during kexec operations. It can lead to invalid memory accesses and errors from the IOMMU, potentially causing devices to become wedged and unresponsive. This can disrupt normal operation and affect the reliability of virtualized environments.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability can be mitigated by ensuring that all virtio devices are properly broken and reset on virtio bus shutdown. Specifically, avoid using virtio-console if possible until the fix is applied, as virtio-console continues to write to MMIO after the underlying virtio-pci device is reset, causing invalid memory accesses. Applying the patch or update that breaks and resets virtio devices on device_shutdown() will resolve the issue.
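
A triage helper for the advice above, added here as an example and not taken from the advisory or the kernel patch: it flags guests whose running kernel falls in the version range this page lists and that have a virtio-console device bound. Assumptions: the function names are hypothetical, the upper bound "5.16 (inc)" is read as 5.16.0, distribution backports are not considered, and virtio devices are found through the sysfs `device` attribute, where ID 0x0003 is the virtio console.

```shell
#!/bin/sh
# Added triage example; the range comes from this page's CPE row.

# ver_num RELEASE: "5.15.167-generic" -> 5015167 (major*1e6 + minor*1e3 + patch).
ver_num() {
    v=${1%%[!0-9.]*}                 # drop suffixes such as "-generic"
    IFS=. read -r a b c <<EOF
$v
EOF
    c=${c%%.*}                       # ignore any fourth component
    echo $(( ${a:-0} * 1000000 + ${b:-0} * 1000 + ${c:-0} ))
}

# in_page_range RELEASE: succeeds if RELEASE is within 5.15.160 (inc) to
# 5.16 (inc). Assumption: the upper bound is interpreted as 5.16.0.
in_page_range() {
    k=$(ver_num "$1")
    [ "$k" -ge "$(ver_num 5.15.160)" ] && [ "$k" -le "$(ver_num 5.16)" ]
}

# virtio_consoles [DIR]: print virtio devices whose sysfs "device" attribute
# is 0x0003, the virtio device ID for a console.
virtio_consoles() {
    root=${1:-/sys/bus/virtio/devices}
    for d in "$root"/virtio*; do
        [ -r "$d/device" ] || continue
        read -r id < "$d/device" || true
        if [ "$id" = "0x0003" ]; then basename "$d"; fi
    done
    return 0
}

# report [RELEASE] [DIR]: combine both checks; defaults to the running host.
report() {
    rel=${1:-$(uname -r)}
    cons=$(virtio_consoles "${2:-}" | tr '\n' ' ')
    if in_page_range "$rel" && [ -n "$cons" ]; then
        echo "REVIEW: kernel $rel is in the listed range; virtio-console: $cons"
    else
        echo "OK: kernel $rel, virtio-console devices: ${cons:-none}"
    fi
}

report "$@"
```

A REVIEW result only means the guest matches the page's listed range and has a console device; whether the fix is present still has to be confirmed against the vendor's kernel changelog.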

