CVE-2025-38064

18.06.2025, 10:15

In the Linux kernel, the following vulnerability has been resolved:

virtio: break and reset virtio devices on device_shutdown()

Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory
accesses during the hang.

	Invalid read at addr 0x102877002, size 2, region '(null)', reason: rejected
	Invalid write at addr 0x102877A44, size 2, region '(null)', reason: rejected
	...

It was traced down to virtio-console. Kexec works fine if virtio-console
is not in use.

The issue is that virtio-console continues to write to the MMIO even after
underlying virtio-pci device is reset.

Additionally, Eric noticed that IOMMUs are reset before devices, if
devices are not reset on shutdown they continue to poke at guest memory
and get errors from the IOMMU. Some devices get wedged then.

The problem can be solved by breaking all virtio devices on virtio
bus shutdown, then resetting them.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 5%

Debian Releases

Debian Product

Codename

linux

bullseye	vulnerable
bullseye (security)	vulnerable
bookworm	vulnerable
bookworm (security)	vulnerable
trixie (security)	vulnerable
sid	vulnerable
trixie	vulnerable

Ubuntu Releases

Ubuntu Product

Codename

linux-hwe

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	ignored
trusty	dne

linux-hwe-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-hwe-5.8

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-hwe-5.11

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-hwe-5.13

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-hwe-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-hwe-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-hwe-6.2

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-hwe-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-hwe-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-hwe-6.11

plucky	dne
oracular	dne
noble	ignored
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-hwe-edge

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	ignored
trusty	dne

linux-lts-xenial

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	ignored

linux-kvm

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	ignored
bionic	ignored
xenial	ignored
trusty	dne

linux-allwinner-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-aws-5.0

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-aws-5.3

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-aws-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-aws-5.8

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-aws-5.11

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-aws-5.13

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-aws-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-aws-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-aws-6.2

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-aws-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-aws-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-aws-hwe

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	dne
xenial	ignored
trusty	dne

linux-azure

plucky	needed
oracular	ignored
noble	needed
jammy	needed
focal	ignored
bionic	ignored
xenial	ignored
trusty	ignored

linux-azure-4.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-azure-5.3

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-azure-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-azure-5.8

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-azure-5.11

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-azure-5.13

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-azure-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-azure-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-azure-6.2

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-azure-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-azure-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-azure-6.11

plucky	dne
oracular	dne
noble	ignored
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-azure-fde

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-azure-fde-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-azure-fde-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-azure-fde-6.2

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-azure-nvidia

plucky	dne
oracular	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-bluefield

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-azure-edge

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-fips

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	needed
bionic	needed
xenial	needed
trusty	dne

linux-aws-fips

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	needed
bionic	needed
xenial	dne
trusty	dne

linux-azure-fips

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	needed
bionic	needed
xenial	dne
trusty	dne

linux-gcp-fips

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	needed
bionic	needed
xenial	dne
trusty	dne

linux-gcp

plucky	needed
oracular	ignored
noble	needed
jammy	needed
focal	ignored
bionic	ignored
xenial	ignored
trusty	dne

linux-gcp-4.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-gcp-5.3

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-gcp-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-gcp-5.8

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-gcp-5.11

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-gcp-5.13

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-gcp-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-gcp-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-gcp-6.2

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-gcp-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-gcp-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-gcp-6.11

plucky	dne
oracular	dne
noble	ignored
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-gke

plucky	dne
oracular	dne
noble	needed
jammy	needed
focal	ignored
bionic	dne
xenial	ignored
trusty	dne

linux-gke-4.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-gke-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-gke-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-gkeop

plucky	dne
oracular	dne
noble	needed
jammy	needed
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-gkeop-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-gkeop-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-ibm

plucky	dne
oracular	dne
noble	needed
jammy	needed
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-ibm-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-ibm-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-intel-5.13

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-intel-iotg

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-intel-iotg-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-iot

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-intel-iot-realtime

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-lowlatency

plucky	dne
oracular	ignored
noble	needed
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-lowlatency-hwe-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-lowlatency-hwe-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-lowlatency-hwe-6.2

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-lowlatency-hwe-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-lowlatency-hwe-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-lowlatency-hwe-6.11

plucky	dne
oracular	dne
noble	ignored
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-nvidia

plucky	dne
oracular	dne
noble	needed
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-nvidia-6.2

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-nvidia-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-nvidia-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-nvidia-lowlatency

plucky	dne
oracular	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-nvidia-tegra

plucky	dne
oracular	dne
noble	needed
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-nvidia-tegra-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-nvidia-tegra-igx

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oracle-5.0

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-oracle-5.3

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-oracle-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-oracle-5.8

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-oracle-5.11

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-oracle-5.13

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-oracle-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-oracle-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oracle-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oem

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	ignored
trusty	dne

linux-oem-5.6

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-oem-5.10

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-oem-5.13

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-oem-5.14

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-oem-5.17

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oem-6.0

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oem-6.1

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oem-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oem-6.8

plucky	dne
oracular	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oem-6.11

plucky	dne
oracular	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oem-6.14

plucky	dne
oracular	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-raspi2

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	ignored
xenial	ignored
trusty	dne

linux-raspi-5.4

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	dne
trusty	dne

linux-raspi-realtime

plucky	dne
oracular	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-riscv

plucky	needed
oracular	ignored
noble	ignored
jammy	ignored
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-riscv-5.8

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-riscv-5.11

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-riscv-5.15

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-riscv-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-riscv-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-riscv-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-starfive-5.19

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-starfive-6.2

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-starfive-6.5

plucky	dne
oracular	dne
noble	dne
jammy	ignored
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-xilinx-zynqmp

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux

plucky	needed
oracular	ignored
noble	needed
jammy	needed
focal	ignored
bionic	ignored
xenial	ignored
trusty	ignored

linux-aws

plucky	needed
oracular	ignored
noble	needed
jammy	needed
focal	ignored
bionic	ignored
xenial	ignored
trusty	ignored

linux-oracle

plucky	needed
oracular	ignored
noble	needed
jammy	needed
focal	ignored
bionic	ignored
xenial	ignored
trusty	dne

linux-raspi

plucky	needed
oracular	ignored
noble	needed
jammy	needed
focal	ignored
bionic	dne
xenial	dne
trusty	dne

linux-realtime

plucky	needed
oracular	ignored
noble	needed
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-intel

plucky	dne
oracular	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-riscv-6.14

plucky	dne
oracular	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-ibm-6.8

plucky	dne
oracular	dne
noble	dne
jammy	needed
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-aws-6.14

plucky	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-gcp-6.14

plucky	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-hwe-6.14

plucky	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

linux-oracle-6.14

plucky	dne
noble	needed
jammy	dne
focal	dne
bionic	dne
xenial	dne
trusty	dne

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.
Published: 2025-06-17T22:00:00+00:00

References

https://git.kernel.org/stable/c/8bd2fa086a04886798b505f28db4002525895203

https://git.kernel.org/stable/c/aee42f3d57bfa37b2716df4584edeecf63b9df4c