SB20250828101 - Resource management error in Linux kernel pci pds driver
Published: August 28, 2025
Security Bulletin ID
SB20250828101
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2025-38625)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pds_vfio_ops_info() function in drivers/vfio/pci/pds/vfio_dev.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1df8150ab4cc422bddfbd312d6758c50b688a971
- https://git.kernel.org/stable/c/7dbfae90c5a33f6b694e7068bc9522cc2655373d
- https://git.kernel.org/stable/c/88b962fbd0ac30a65d2869c68d2f145be46ebe4d
- https://git.kernel.org/stable/c/b265dff9fcf047f660976a5c92c83e7c414a2d95
- https://git.kernel.org/stable/c/fe24d5bc635e103a517ec201c3cb571eeab8be2f