CVE-2025-21913
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-21913
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21913.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21913
- Downstream
- Related
- Published
- 2025-04-01T15:40:50.907Z
- Modified
- 2025-11-27T02:32:26.913901Z
- Summary
- x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
x86/amdnb: Use rdmsrsafe() in amdgetmmconfig_range()
Xen doesn't offer MSRFAM10HMMIOCONFBASE to all guests. This results in the following warning:
unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xendoreadmsr+0x7f/0xa0) Call Trace: xenreadmsr+0x1e/0x30 amdgetmmconfigrange+0x2b/0x80 quirkamdmmconfigarea+0x28/0x100 pnpfixupdevice+0x39/0x50 _pnpadddevice+0xf/0x150 pnpadddevice+0x3d/0x100 pnpacpiadddevicehandler+0x1f9/0x280 acpinsgetdevicecallback+0x104/0x1c0 acpinswalknamespace+0x1d0/0x260 acpigetdevices+0x8a/0xb0 pnpacpiinit+0x50/0x80 dooneinitcall+0x46/0x2e0 kernelinitfreeable+0x1da/0x2f0 kernelinit+0x16/0x1b0 retfromfork+0x30/0x50 retfromfork_asm+0x1b/0x30
based on quirks for a "PNP0c01" device. Treating MMCFG as disabled is the right course of action, so no change is needed there.
This was most likely exposed by fixing the Xen MSR accessors to not be silently-safe.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/cc431b3424123d84bcd7afd4de150b33f117a8ef/cves/2025/21xxx/CVE-2025-21913.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0c65d13bdcc54e5b924ebe790f85a7f01bfe1cb1
- https://git.kernel.org/stable/c/14cb5d83068ecf15d2da6f7d0e9ea9edbcbc0457
- https://git.kernel.org/stable/c/8f43ba5ee498fe037d1570f6868d9aeaf49dda80
- https://git.kernel.org/stable/c/923fede9eae9865af305bcdf8f111e4b62ae4bda
- https://git.kernel.org/stable/c/ebf6a763904e42dabeb2e270ceb0bbe0f825d7ae
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3fac3734c43a2e21fefeb72124d8bd31dff3956fFixed0c65d13bdcc54e5b924ebe790f85a7f01bfe1cb1
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3fac3734c43a2e21fefeb72124d8bd31dff3956fFixed8f43ba5ee498fe037d1570f6868d9aeaf49dda80
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3fac3734c43a2e21fefeb72124d8bd31dff3956fFixedebf6a763904e42dabeb2e270ceb0bbe0f825d7ae
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3fac3734c43a2e21fefeb72124d8bd31dff3956fFixed923fede9eae9865af305bcdf8f111e4b62ae4bda
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3fac3734c43a2e21fefeb72124d8bd31dff3956fFixed14cb5d83068ecf15d2da6f7d0e9ea9edbcbc0457