CVE-2025-40058

Published: Oct 28, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- structure memory must be coherent between the IOMMU and the CPU. In another word, if the iommu page walk is incoherent, dirty page tracking doesn't work. The Intel VT-d specification, Section 3.10 "Snoop Behavior" states: "Remapping hardware encountering the need to atomically update A/EA/D bits in a paging-structure entry that is not snooped will result in a non- recoverable fault." To prevent an IOMMU from being incorrectly configured for dirty page tracking when it is operating in an incoherent mode, mark SSADS as supported only when both ecap_slads and ecap_smpwc are supported.

Vendor	Product	Versions
Linux	Linux	affected `f35f22cc760eb2c7034bf53251399685d611e03f - < ebe16d245a00626bb87163862a1b07daf5475a3e` affected `f35f22cc760eb2c7034bf53251399685d611e03f - < 8d096ce0e87bdc361f0b25d7943543bc53aa0b9e` affected `f35f22cc760eb2c7034bf53251399685d611e03f - < 57f55048e564dedd8a4546d018e29d6bbfff0a7e`
Linux	Linux	affected `6.7` unaffected `0 - < 6.7` unaffected `6.12.53 - <= 6.12.` unaffected `6.17.3 - <= 6.17.` unaffected `6.18 - <= *`

References

https://git.kernel.org/stable/c/ebe16d245a00626bb87163862a1b07daf5475a3e

https://git.kernel.org/stable/c/8d096ce0e87bdc361f0b25d7943543bc53aa0b9e

https://git.kernel.org/stable/c/57f55048e564dedd8a4546d018e29d6bbfff0a7e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40058

Description

Affected Products

References