CVE-2025-37877 (GCVE-0-2025-37877)
Vulnerability from cvelistv5
Published
2025-05-09 06:45
Modified
2025-05-26 05:22
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: iommu: Clear iommu-dma ops on cleanup If iommu_device_register() encounters an error, it can end up tearing down already-configured groups and default domains, however this currently still leaves devices hooked up to iommu-dma (and even historically the behaviour in this area was at best inconsistent across architectures/drivers...) Although in the case that an IOMMU is present whose driver has failed to probe, users cannot necessarily expect DMA to work anyway, it's still arguable that we should do our best to put things back as if the IOMMU driver was never there at all, and certainly the potential for crashing in iommu-dma itself is undesirable. Make sure we clean up the dev->dma_iommu flag along with everything else.
References
Impacted products
Vendor Product Version
Linux Linux Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/iommu/iommu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b14d98641312d972bb3f38e82eddf92898522389",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "104a84276821aed0ed241ce0d82d6c3267e3fcb8",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "280e5a30100578106a4305ce0118e0aa9b866f12",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/iommu/iommu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.26",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.26",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Clear iommu-dma ops on cleanup\n\nIf iommu_device_register() encounters an error, it can end up tearing\ndown already-configured groups and default domains, however this\ncurrently still leaves devices hooked up to iommu-dma (and even\nhistorically the behaviour in this area was at best inconsistent across\narchitectures/drivers...) Although in the case that an IOMMU is present\nwhose driver has failed to probe, users cannot necessarily expect DMA to\nwork anyway, it\u0027s still arguable that we should do our best to put\nthings back as if the IOMMU driver was never there at all, and certainly\nthe potential for crashing in iommu-dma itself is undesirable. Make sure\nwe clean up the dev-\u003edma_iommu flag along with everything else."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-26T05:22:51.302Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b14d98641312d972bb3f38e82eddf92898522389"
        },
        {
          "url": "https://git.kernel.org/stable/c/104a84276821aed0ed241ce0d82d6c3267e3fcb8"
        },
        {
          "url": "https://git.kernel.org/stable/c/280e5a30100578106a4305ce0118e0aa9b866f12"
        }
      ],
      "title": "iommu: Clear iommu-dma ops on cleanup",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37877",
    "datePublished": "2025-05-09T06:45:41.751Z",
    "dateReserved": "2025-04-16T04:51:23.960Z",
    "dateUpdated": "2025-05-26T05:22:51.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-37877\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-05-09T07:16:08.907\",\"lastModified\":\"2025-05-12T17:32:32.760\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\niommu: Clear iommu-dma ops on cleanup\\n\\nIf iommu_device_register() encounters an error, it can end up tearing\\ndown already-configured groups and default domains, however this\\ncurrently still leaves devices hooked up to iommu-dma (and even\\nhistorically the behaviour in this area was at best inconsistent across\\narchitectures/drivers...) Although in the case that an IOMMU is present\\nwhose driver has failed to probe, users cannot necessarily expect DMA to\\nwork anyway, it\u0027s still arguable that we should do our best to put\\nthings back as if the IOMMU driver was never there at all, and certainly\\nthe potential for crashing in iommu-dma itself is undesirable. Make sure\\nwe clean up the dev-\u003edma_iommu flag along with everything else.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu: Clear iommu-dma ops on cleanup Si iommu_device_register() encuentra un error, puede terminar derribando grupos ya configurados y dominios predeterminados, sin embargo, esto actualmente todav\u00eda deja dispositivos conectados a iommu-dma (e incluso hist\u00f3ricamente el comportamiento en esta \u00e1rea era, en el mejor de los casos, inconsistente entre arquitecturas/controladores...) Aunque en el caso de que haya un IOMMU cuyo controlador no haya podido sondear, los usuarios no necesariamente pueden esperar que DMA funcione de todos modos, todav\u00eda se puede argumentar que deber\u00edamos hacer todo lo posible para volver a poner las cosas como si el controlador IOMMU nunca hubiera estado all\u00ed, y ciertamente el potencial de bloqueo en iommu-dma en s\u00ed mismo es indeseable. Aseg\u00farese de limpiar el indicador dev-\u0026gt;dma_iommu junto con todo lo dem\u00e1s.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/104a84276821aed0ed241ce0d82d6c3267e3fcb8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/280e5a30100578106a4305ce0118e0aa9b866f12\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b14d98641312d972bb3f38e82eddf92898522389\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.