2365265 – (CVE-2025-37877) CVE-2025-37877 kernel: iommu: Clear iommu-dma ops on cleanup

Bug 2365265 (CVE-2025-37877) - CVE-2025-37877 kernel: iommu: Clear iommu-dma ops on cleanup

Summary: CVE-2025-37877 kernel: iommu: Clear iommu-dma ops on cleanup

Keywords:
Status:	NEW
Alias:	CVE-2025-37877
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-05-09 07:02 UTC by OSIDB Bzimport
Modified:	2025-05-09 08:08 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-05-09 07:02:25 UTC

In the Linux kernel, the following vulnerability has been resolved:

iommu: Clear iommu-dma ops on cleanup

If iommu_device_register() encounters an error, it can end up tearing
down already-configured groups and default domains, however this
currently still leaves devices hooked up to iommu-dma (and even
historically the behaviour in this area was at best inconsistent across
architectures/drivers...) Although in the case that an IOMMU is present
whose driver has failed to probe, users cannot necessarily expect DMA to
work anyway, it's still arguable that we should do our best to put
things back as if the IOMMU driver was never there at all, and certainly
the potential for crashing in iommu-dma itself is undesirable. Make sure
we clean up the dev->dma_iommu flag along with everything else.

Comment 1 Michal Findra 2025-05-09 07:58:51 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025050942-CVE-2025-37877-2e67@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.