Main Vulnerability Database SB20251112131

SB20251112131 - Use of uninitialized resource in Linux kernel iommu intel driver

Published: November 12, 2025

Security Bulletin ID SB20251112131

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Use of uninitialized resource (CVE-ID: CVE-2025-40155)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the domain_translation_struct_show() function in drivers/iommu/intel/debugfs.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/d8cf7b59c49f9118fa875462e18686cb6b131bb5
https://git.kernel.org/stable/c/df2bf759a0bdb71f13e327d7527260d09facc055
https://git.kernel.org/stable/c/fbe6070c73badca726e4ff7877320e6c62339917