CVE-2025-39961
📋 TL;DR
This CVE describes a race condition in the AMD IOMMU driver in the Linux kernel where page table level updates during IOVA address space expansion can cause fetch_pte() to read inconsistent state during unmapping operations. This can cause IOMMU unmap operations to fail, potentially leading to resource leaks or system instability. Systems using AMD processors with IOMMU enabled are affected.
💻 Affected Systems
- Linux kernel with AMD IOMMU driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System instability, memory leaks, or denial of service due to failed IOMMU unmapping operations causing resource exhaustion.
Likely Case
IOMMU unmap failures leading to warning messages in kernel logs and potential performance degradation.
If Mitigated
Minor system warnings with no significant operational impact.
🎯 Exploit Status
Requires triggering the race condition during specific IOMMU operations, which is timing-dependent and may be difficult to reliably exploit.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing fixes from the provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/075abf0b1a958acfbea2435003d228e738e90346
Restart Required: Yes
Instructions:
1. Update to a kernel version containing the fix. 2. Check your distribution's security advisories. 3. Reboot the system after kernel update.
🔧 Temporary Workarounds
Disable AMD IOMMU
LinuxDisable IOMMU functionality at kernel boot (not recommended for security)
Add 'amd_iommu=off' to kernel boot parameters
🧯 If You Can't Patch
- Monitor kernel logs for IOMMU-related warnings and errors
- Limit systems with heavy DMA operations or virtualization workloads
🔍 How to Verify
Check if Vulnerable:
Check kernel version and verify if it contains the vulnerable code from the git commitsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes one of the fix commits: 075abf0b1a958acfbea2435003d228e738e90346 or related📡 Detection & Monitoring
Log Indicators:
- Kernel warnings related to IOMMU unmapping failures
- AMD-Vi or IOMMU error messages in dmesg
Network Indicators:
- None - this is a local kernel vulnerability
SIEM Query:
Search for 'AMD-Vi', 'IOMMU', 'unmap', or 'WARN_ON' in kernel logs