CVE-2025-38625

In the Linux kernel, the following vulnerability has been resolved:

vfio/pds: Fix missing detach_ioas op

When CONFIG_IOMMUFD is enabled and a device is bound to the pds_vfio_pci
driver, the following WARN_ON() trace is seen and probe fails:

WARNING: CPU: 0 PID: 5040 at drivers/vfio/vfio_main.c:317 __vfio_register_dev+0x130/0x140 [vfio]
<...>
pds_vfio_pci 0000:08:00.1: probe with driver pds_vfio_pci failed with error -22

This is because the driver's vfio_device_ops.detach_ioas isn't set.

Fix this by using the generic vfio_iommufd_physical_detach_ioas
function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bookworm
6.1.137-1
not-affected
bullseye (security)
5.10.237-1
fixed
bookworm (security)
6.1.147-1
fixed
trixie (security)
vulnerable
forky
vulnerable
sid
vulnerable
trixie
vulnerable
References
https://git.kernel.org/stable/c/1df8150ab4cc422bddfbd312d6758c50b688a971
https://git.kernel.org/stable/c/7dbfae90c5a33f6b694e7068bc9522cc2655373d
https://git.kernel.org/stable/c/88b962fbd0ac30a65d2869c68d2f145be46ebe4d
https://git.kernel.org/stable/c/b265dff9fcf047f660976a5c92c83e7c414a2d95
https://git.kernel.org/stable/c/fe24d5bc635e103a517ec201c3cb571eeab8be2f