CVE-2025-40293

high

Description

In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.

References

https://git.kernel.org/stable/c/de7f2c67ceb1941b05b04ac35458a03e93cc57b1

https://git.kernel.org/stable/c/dbf316fc90aa954dcd5440817f4b944627ed63e0

https://git.kernel.org/stable/c/cb30dfa75d55eced379a42fd67bd5fb7ec38555e

https://git.kernel.org/stable/c/4c8a4f1d34eced168cc0b3a3dfe7b6dcc2090f69

https://git.kernel.org/stable/c/07105e61882ff4a7d58db63cc5f9e90c6c60506c

Details

Source: Mitre, NVD

Published: 2025-12-08

Updated: 2025-12-08

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018