2362257 – (CVE-2025-1713) CVE-2025-1713 xen: Deadlock Potential with VT-d and Legacy PCI Device Pass-Through

Bug 2362257 (CVE-2025-1713) - CVE-2025-1713 xen: Deadlock Potential with VT-d and Legacy PCI Device Pass-Through

Summary: CVE-2025-1713 xen: Deadlock Potential with VT-d and Legacy PCI Device Pass-Th...

Keywords:
Status:	NEW
Alias:	CVE-2025-1713
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2362259 2362260 2362261
Blocks:
TreeView+	depends on / blocked

Reported:	2025-04-25 07:22 UTC by OSIDB Bzimport
Modified:	2025-04-25 07:25 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-04-25 07:22:21 UTC

A local attacker (e.g., an unprivileged guest) with access to a passed-through legacy PCI(-X) device on a system using Intel VT-d can trigger a deadlock in the Xen hypervisor. This can result in a denial of service (DoS) that affects the entire host. The issue arises due to unsafe locking during interrupt remapping setup for certain devices. The vulnerability impacts Xen versions 4.0 and later on systems with Intel IOMMU (VT-d) hardware. Systems using AMD or non-x86 hardware are not affected. Avoiding pass through of the affected device types mitigates the issue.

Note You need to log in before you can comment on or make changes to this bug.