Описание
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Don't overflow during division for dirty tracking
If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0.
In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Don't overflow during division for dirty tracking
If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0.
In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-40293
- https://git.kernel.org/stable/c/07105e61882ff4a7d58db63cc5f9e90c6c60506c
- https://git.kernel.org/stable/c/4c8a4f1d34eced168cc0b3a3dfe7b6dcc2090f69
- https://git.kernel.org/stable/c/cb30dfa75d55eced379a42fd67bd5fb7ec38555e
- https://git.kernel.org/stable/c/dbf316fc90aa954dcd5440817f4b944627ed63e0
- https://git.kernel.org/stable/c/de7f2c67ceb1941b05b04ac35458a03e93cc57b1
EPSS
CVE ID
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITS_PER_TYPE(*bitmap->bitmap) * pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to divide by shift and avoid hitting any overflows.
In the Linux kernel, the following vulnerability has been resolved: i ...
EPSS