CVE-2025-38625

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-38625
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38625.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38625
Downstream
Related
Published
2025-08-22T16:00:33.860Z
Modified
2026-03-20T12:42:57.136492Z
Summary
vfio/pds: Fix missing detach_ioas op
Details

In the Linux kernel, the following vulnerability has been resolved:

vfio/pds: Fix missing detach_ioas op

When CONFIGIOMMUFD is enabled and a device is bound to the pdsvfiopci driver, the following WARNON() trace is seen and probe fails:

WARNING: CPU: 0 PID: 5040 at drivers/vfio/vfio_main.c:317 __vfioregisterdev+0x130/0x140 [vfio] <...> pdsvfiopci 0000:08:00.1: probe with driver pdsvfiopci failed with error -22

This is because the driver's vfiodeviceops.detach_ioas isn't set.

Fix this by using the generic vfioiommufdphysicaldetachioas function.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38625.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
38fe3975b4c2c5eeefb543e09f9620da18b0d069
Fixed
7dbfae90c5a33f6b694e7068bc9522cc2655373d
Fixed
1df8150ab4cc422bddfbd312d6758c50b688a971
Fixed
b265dff9fcf047f660976a5c92c83e7c414a2d95
Fixed
88b962fbd0ac30a65d2869c68d2f145be46ebe4d
Fixed
fe24d5bc635e103a517ec201c3cb571eeab8be2f

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38625.json"