CVE-2025-68171
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

x86/fpu: Ensure XFD state on signal delivery

Sean reported [1] the following splat when running KVM tests:

  WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70
  Call Trace:
   <TASK>
   fpu__clear_user_states+0x9c/0x100
   arch_do_signal_or_restart+0x142/0x210
   exit_to_user_mode_loop+0x55/0x100
   do_syscall_64+0x205/0x2c0
   entry_SYSCALL_64_after_hwframe+0x4b/0x53

Chao further identified [2] a reproducible scenario involving signal delivery: a non-AMX task is preempted by an AMX-enabled task which modifies the XFD MSR. When the non-AMX task resumes and reloads XSTATE with init values, a warning is triggered due to a mismatch between fpstate::xfd and the CPU's current XFD state.

fpu__clear_user_states() does not currently re-synchronize the XFD state after such preemption. Invoke xfd_update_state() which detects and corrects the mismatch if there is a dynamic feature.

This also benefits the sigreturn path, as fpu__restore_sig() may call fpu__clear_user_states() when the sigframe is inaccessible.

[ dhansen: minor changelog munging ]
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-12-16
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: linux
Product: linux_kernel
Version / Range: *
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's x86 floating point unit (FPU) handling, specifically related to the XFD (Extended Feature Disable) state during signal delivery. When a non-AMX task is preempted by an AMX-enabled task that modifies the XFD MSR, the non-AMX task may resume with a mismatch between its floating point state and the CPU's current XFD state. This mismatch triggers warnings and indicates that the kernel's fpu__clear_user_states() function does not properly resynchronize the XFD state after such preemption. The fix involves invoking xfd_update_state() to detect and correct this mismatch, ensuring proper synchronization of the FPU state during context switches and signal handling.


How can this vulnerability impact me?

This vulnerability can cause kernel warnings and potential instability when running workloads involving AMX-enabled tasks and signal delivery, such as KVM tests. The mismatch in FPU state synchronization could lead to unexpected behavior or crashes in affected systems, impacting system reliability and performance during context switches involving AMX features.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by observing kernel warning messages related to the XFD state mismatch during signal delivery. Specifically, look for kernel logs containing warnings like: 'WARNING: CPU: ... at xfd_validate_state+0x65/0x70' and call traces involving fpu__clear_user_states and signal handling functions. You can check the kernel logs using commands such as 'dmesg | grep xfd_validate_state' or 'journalctl -k | grep xfd_validate_state' to identify these warnings.
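The log check described in this answer, as an added shell example that is not part of the BaseFortify page or the kernel commit; the sample dmesg lines are constructed from the trace quoted in the description, and the function names check_xfd_splat, check_sample and check_clean_sample are assumptions of this example:

```shell
#!/bin/sh
# Added example, not from the BaseFortify page or the kernel commit: scan kernel
# log text for the splat quoted in the CVE description. Two signals are checked:
# the WARNING at xfd_validate_state, and a call trace that reaches
# fpu__clear_user_states from the signal-delivery path (arch_do_signal_or_restart).
# Real use: dmesg | check_xfd_splat   or   journalctl -k | check_xfd_splat

# Constructed sample mirroring the quoted trace, plus one unrelated line.
SAMPLE_DMESG='[  123.456789] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[  987.654321] WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70
[  987.654400] Call Trace:
[  987.654401]  <TASK>
[  987.654402]  fpu__clear_user_states+0x9c/0x100
[  987.654403]  arch_do_signal_or_restart+0x142/0x210
[  987.654404]  exit_to_user_mode_loop+0x55/0x100
[  987.654405]  do_syscall_64+0x205/0x2c0
[  987.654406]  entry_SYSCALL_64_after_hwframe+0x4b/0x53'

# Reads log text on stdin, prints a verdict and returns:
#   0 = nothing found
#   1 = WARNING at xfd_validate_state, but not the signal-delivery trace
#   2 = WARNING plus the trace through fpu__clear_user_states / arch_do_signal_or_restart
check_xfd_splat() {
    _log=$(cat)
    _warn=$(printf '%s\n' "$_log" | grep -c 'WARNING: CPU: .* at xfd_validate_state' || true)
    _trace=$(printf '%s\n' "$_log" \
        | grep -c -e 'fpu__clear_user_states' -e 'arch_do_signal_or_restart' || true)
    if [ "$_warn" -eq 0 ]; then
        echo "no xfd_validate_state warning found"
        return 0
    fi
    if [ "$_trace" -ge 2 ]; then
        echo "$_warn xfd_validate_state warning(s) with signal-delivery trace: matches the CVE-2025-68171 splat"
        return 2
    fi
    echo "$_warn xfd_validate_state warning(s) without the signal-delivery trace"
    return 1
}

# Runs the check over the constructed sample (expected return: 2).
check_sample() {
    printf '%s\n' "$SAMPLE_DMESG" | check_xfd_splat
}

# Runs the check over the sample with the splat lines removed (expected return: 0).
check_clean_sample() {
    printf '%s\n' "$SAMPLE_DMESG" | grep -v -e 'xfd_validate_state' -e 'fpu__' -e 'arch_do_signal' | check_xfd_splat
}
```

A return value of 2 on a live system means the splat from the description is present in the kernel log, which only shows the bug has fired, not that the running kernel is otherwise unaffected.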


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves updating the Linux kernel to a version that includes the fix for this vulnerability, which ensures the XFD state is properly synchronized on signal delivery by invoking xfd_update_state(). Until the update is applied, monitoring for the warning messages and avoiding workloads that trigger the issue (such as running AMX-enabled tasks preempting non-AMX tasks) may reduce the risk.

