CVE-2025-40311
BaseFortify
Publication date: 2025-12-08
Last updated on: 2025-12-08
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's habanalabs accelerator driver when IOMMU is enabled. The function dma_alloc_coherent() with GFP_USER can return addresses from the vmalloc range. If these addresses are mapped without the VM_MIXEDMAP flag, vm_insert_page() triggers a kernel BUG_ON due to VM_PFNMAP restrictions, causing kernel crashes. The fix involves detecting vmalloc addresses and setting VM_MIXEDMAP in the virtual memory area (VMA) before mapping, ensuring safe mapping and preventing crashes. The allocated memory remains driver-controlled and is not accessible directly by userspace.
How can this vulnerability impact me?
This vulnerability can cause kernel crashes when certain memory mappings are performed without proper flags, potentially leading to system instability or denial of service. However, it does not allow direct user access to the allocated memory, so it primarily impacts system reliability rather than confidentiality or integrity.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update to a Linux kernel version that includes the fix for this vulnerability. The fix involves checking for vmalloc addresses and setting VM_MIXEDMAP in the VMA before mapping to avoid kernel crashes when IOMMU is enabled. Ensuring your system is running the updated kernel will mitigate this issue.
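To decide which hosts need the kernel update first, the two preconditions from the description (a habanalabs device in use, and that device sitting behind an IOMMU) can be read from sysfs. The script below is an added example, not part of the advisory or the kernel patch. It assumes the PCI driver directory is named `habanalabs` and treats an `iommu_group` link on the device as the IOMMU indicator. `SYSFS_ROOT` is a hypothetical override used for testing. The page lists no fixed kernel version, so the script flags hosts for review rather than deciding patch status.

```shell
#!/bin/sh
# Added triage example for CVE-2025-40311 (not the project's own tooling).
# Every function takes the sysfs root as an argument so it can be exercised
# against a constructed directory tree as well as the live /sys.

# Print the PCI address of each device bound to the habanalabs driver.
hl_devices() {
    root=${1:-/sys}
    for dev in "$root"/bus/pci/drivers/habanalabs/*; do
        name=${dev##*/}
        case $name in
            # Bound devices are entries named by PCI address (they contain ':');
            # control files such as bind/unbind/new_id are skipped.
            *:*) if [ -e "$dev" ]; then echo "$name"; fi ;;
        esac
    done
    return 0
}

# Succeed if the given device belongs to an IOMMU group.
# Assumption: any group membership is treated as "IOMMU enabled" (conservative).
behind_iommu() {
    [ -e "${2:-/sys}/bus/pci/drivers/habanalabs/$1/iommu_group" ]
}

# Classify the host:
#   not-applicable   no device is bound to the habanalabs driver
#   driver-no-iommu  driver in use, but no device sits behind an IOMMU
#   review-kernel    both preconditions hold; confirm the kernel carries the fix
triage() {
    root=${1:-/sys}
    devs=$(hl_devices "$root")
    [ -n "$devs" ] || { echo "not-applicable"; return 0; }
    for d in $devs; do
        if behind_iommu "$d" "$root"; then
            echo "review-kernel"
            return 0
        fi
    done
    echo "driver-no-iommu"
}

triage "${SYSFS_ROOT:-/sys}"
```

A `review-kernel` result means only that the conditions described above are present on the host; whether the running kernel already includes the fix has to be confirmed against the vendor's changelog.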