You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 40065
About this tag
CVE-2025-40065 is a vulnerability in the RISC-V KVM hypervisor code, specifically in the VMID detection routine. The issue involves writing non-zero fields into the hgatp CSR while probing for supported VMID bits, which violates the RISC-V Privileged Architecture requirement that when MODE = BARE, the remaining fields of hgatp must be zero. This specification mismatch has been fixed upstream with a narrow patch to the KVM VMID probe. The vulnerability is relevant to Linux kernel developers and system administrators managing RISC-V virtualization environments, particularly those using KVM. The fix ensures compliance with privileged architecture specifications and prevents potential misbehavior in hypervisor address translation.
A subtle specification mismatch in the RISC‑V KVM code has been fixed upstream: the kernel’s VMID detection routine wrote non‑zero fields into the hgatp CSR while probing for supported VMID bits, violating the RISC‑V Privileged Architecture requirement that when MODE = BARE the remaining fields...