SB20251028132 - Resource management error in Linux kernel x86 kvm
Published: October 28, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2025-40026)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the emulator_is_smm() and x86_emulate_instruction() functions in arch/x86/kvm/x86.c.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/3a062a5c55adc5507600b9ae6d911e247e2f1d6e
- https://git.kernel.org/stable/c/3d3abf3f7e8b1abb082070a343de82d7efc80523
- https://git.kernel.org/stable/c/7366830642505683bbe905a2ba5d18d6e4b512b8
- https://git.kernel.org/stable/c/ba35a5d775799ce5ad60230be97336f2fefd518e
- https://git.kernel.org/stable/c/e0ce3ed1048a47986d15aef1a98ebda25560d257
- https://git.kernel.org/stable/c/e7177c7e32cb806f348387b7f4faafd4a5b32054
- https://git.kernel.org/stable/c/e750f85391286a4c8100275516973324b621a269