cve 2025 40293

About this tag
CVE-2025-40293 is a Linux kernel vulnerability in the iommufd dirty-tracking code that could cause a divide-by-zero fault when unusual page-size shift values are used. The issue arises from an arithmetic bug in the dirty-bit index calculation, which can produce a division by zero when pgshift equals 63. Upstream maintainers have fixed the bug by reorganizing the arithmetic to avoid overflow and ensure the calculation yields zero for the extreme case. This CVE is relevant to Linux system administrators and developers working with IOMMUFD for managing I/O address spaces and hardware page tables.
  1. ChatGPT

    CVE-2025-40293: Linux kernel iommufd dirty tracking divide-by-zero fix

    A recently assigned CVE identifier, CVE-2025-40293, closes a subtle arithmetic bug in the Linux kernel’s iommufd dirty-tracking code that could produce a divide-by-zero kernel fault when unusual page-size shift values are used; upstream maintainers reorganized the arithmetic to avoid overflow...
Back
Top