CVE-2025-39870
📋 TL;DR
This CVE describes a double-free vulnerability in the Linux kernel's dmaengine idxd driver. The bug occurs during error handling in the idxd_setup_wqs() function, which can lead to memory corruption and potential kernel crashes or privilege escalation. Systems using Intel Data Streaming Accelerator (DSA) devices with vulnerable kernel versions are affected.
💻 Affected Systems
- Linux kernel with Intel Data Streaming Accelerator (DSA) driver enabled
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential privilege escalation to kernel mode allowing full system compromise.
Likely Case
Kernel crash causing system instability or denial of service, requiring reboot to restore functionality.
If Mitigated
System remains stable if error conditions aren't triggered; minimal impact with proper access controls limiting who can interact with DSA devices.
🎯 Exploit Status
Exploitation requires triggering specific error conditions in the idxd_setup_wqs() function, which may require local access and specific hardware/driver interactions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 25e6146c2812487a88f619d5ff6efbdcd5b2bc31, 39aaa337449e71a41d4813be0226a722827ba606, 9f0e225635475b2285b966271d5e82cba74295b1, df82c7901513fd0fc738052a8e6a330d92cc8ec9, ec5430d090d0b6ace8fefa290fc37e88930017d2
Vendor Advisory: https://git.kernel.org/stable/c/25e6146c2812487a88f619d5ff6efbdcd5b2bc31
Restart Required: Yes
Instructions:
1. Update to a kernel version containing the fix commits. 2. Check your distribution's security advisories for patched kernel packages. 3. Reboot the system after kernel update.
🔧 Temporary Workarounds
Disable Intel DSA driver
linuxPrevent loading of the vulnerable idxd driver module
echo 'blacklist idxd' > /etc/modprobe.d/disable-idxd.conf
rmmod idxd
Disable CONFIG_INTEL_IDXD at kernel build
linuxBuild kernel without Intel DSA driver support
In kernel config: CONFIG_INTEL_IDXD=n
🧯 If You Can't Patch
- Restrict access to users who can interact with DSA devices through appropriate permissions and SELinux/AppArmor policies.
- Monitor system logs for kernel panics or unexpected reboots that may indicate exploitation attempts.
🔍 How to Verify
Check if Vulnerable:
Check if idxd driver is loaded: lsmod | grep idxd. Check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits. Check dmesg for idxd driver initialization errors.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/messages or journalctl
- OOM killer activity related to kernel memory
- Unexpected system reboots
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "BUG") AND ("idxd" OR "dmaengine")🔗 References
- https://git.kernel.org/stable/c/25e6146c2812487a88f619d5ff6efbdcd5b2bc31
- https://git.kernel.org/stable/c/39aaa337449e71a41d4813be0226a722827ba606
- https://git.kernel.org/stable/c/9f0e225635475b2285b966271d5e82cba74295b1
- https://git.kernel.org/stable/c/df82c7901513fd0fc738052a8e6a330d92cc8ec9
- https://git.kernel.org/stable/c/ec5430d090d0b6ace8fefa290fc37e88930017d2
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
