cve 2025 23135

CVE-2025-23135 is a vulnerability in the RISC-V KVM subsystem affecting Linux kernel module teardown ordering. The bug causes architecture-specific cleanup routines to execute in the wrong sequence during KVM module removal, leaving per-CPU IRQ state inconsistent. This prevents the KVM module from being reinserted without a host reboot and can trigger kernel oopses. It is an availability and correctness issue, not a memory corruption or data exfiltration risk. The upstream patch fixes the ordering problem. Discussions on WindowsForum cover the technical details, affected versions, and the minimal fix applied to address CVE-2025-23135.