| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025040130-CVE-2025-21913-b942@gregkh> Date: Tue, 1 Apr 2025 16:39:37 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() Description =========== In the Linux kernel, the following vulnerability has been resolved: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() Xen doesn't offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results in the following warning: unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0) Call Trace: xen_read_msr+0x1e/0x30 amd_get_mmconfig_range+0x2b/0x80 quirk_amd_mmconfig_area+0x28/0x100 pnp_fixup_device+0x39/0x50 __pnp_add_device+0xf/0x150 pnp_add_device+0x3d/0x100 pnpacpi_add_device_handler+0x1f9/0x280 acpi_ns_get_device_callback+0x104/0x1c0 acpi_ns_walk_namespace+0x1d0/0x260 acpi_get_devices+0x8a/0xb0 pnpacpi_init+0x50/0x80 do_one_initcall+0x46/0x2e0 kernel_init_freeable+0x1da/0x2f0 kernel_init+0x16/0x1b0 ret_from_fork+0x30/0x50 ret_from_fork_asm+0x1b/0x30 based on quirks for a "PNP0c01" device. Treating MMCFG as disabled is the right course of action, so no change is needed there. This was most likely exposed by fixing the Xen MSR accessors to not be silently-safe. The Linux kernel CVE team has assigned CVE-2025-21913 to this issue. Affected and fixed versions =========================== Issue introduced in 6.1 with commit 3fac3734c43a2e21fefeb72124d8bd31dff3956f and fixed in 6.1.131 with commit 0c65d13bdcc54e5b924ebe790f85a7f01bfe1cb1 Issue introduced in 6.1 with commit 3fac3734c43a2e21fefeb72124d8bd31dff3956f and fixed in 6.6.83 with commit 8f43ba5ee498fe037d1570f6868d9aeaf49dda80 Issue introduced in 6.1 with commit 3fac3734c43a2e21fefeb72124d8bd31dff3956f and fixed in 6.12.19 with commit ebf6a763904e42dabeb2e270ceb0bbe0f825d7ae Issue introduced in 6.1 with commit 3fac3734c43a2e21fefeb72124d8bd31dff3956f and fixed in 6.13.7 with commit 923fede9eae9865af305bcdf8f111e4b62ae4bda Issue introduced in 6.1 with commit 3fac3734c43a2e21fefeb72124d8bd31dff3956f and fixed in 6.14 with commit 14cb5d83068ecf15d2da6f7d0e9ea9edbcbc0457 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-21913 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: arch/x86/kernel/amd_nb.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/0c65d13bdcc54e5b924ebe790f85a7f01bfe1cb1 https://git.kernel.org/stable/c/8f43ba5ee498fe037d1570f6868d9aeaf49dda80 https://git.kernel.org/stable/c/ebf6a763904e42dabeb2e270ceb0bbe0f825d7ae https://git.kernel.org/stable/c/923fede9eae9865af305bcdf8f111e4b62ae4bda https://git.kernel.org/stable/c/14cb5d83068ecf15d2da6f7d0e9ea9edbcbc0457
Powered by blists - more mailing lists