CVE-2025-40181Linux vulnerability

13 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 94.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedNov 12
Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC via a forced variable MTRR range. In most KVM-based setups, legacy devices such as the HPET and TPM are enumerated via ACPI. ACPI enumeration includes a Memory32Fixed entry, and optionally a SystemMemory descri

Affected Packages5 packages

Linuxlinux/linux_kernel6.12.06.12.54+1
Debianlinux/linux_kernel< 6.12.57-1+1
Ubuntulinux/linux_kernel< 6.17.0-14.14
CVEListV5linux/linux8e690b817e38769dc2fa0e7473e5a5dc1fc2579534ff466f74d0fe1db8956f9c245e2bb2c67f67bf+3
debiandebian/linux< linux 6.17.6-1 (forky)

🔴Vulnerability Details

7
OSV
linux-azure vulnerabilities2026-02-24
OSV
linux-oem-6.17 vulnerabilities2026-02-17
OSV
linux-aws, linux-oracle vulnerabilities2026-02-17
OSV
linux, linux-raspi, linux-realtime vulnerabilities2026-02-12
GHSA
GHSA-x7gh-c69c-j2v8: In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When runn2025-11-13

📋Vendor Advisories

5
Ubuntu
Linux kernel (Azure) vulnerabilities2026-02-24
Ubuntu
Linux kernel (OEM) vulnerabilities2026-02-17
Ubuntu
Linux kernel vulnerabilities2026-02-12
Red Hat
kernel: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP2025-11-12
Debian
CVE-2025-40181: linux - In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Fo...2025