CVE-2025-38216

EPSS 0.03%
Veröffentlicht 04.07.2025 13:37:33
Zuletzt bearbeitet 08.07.2025 16:18:53
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Restore context entry setup order for aliased devices

Commit 2031c469f816 ("iommu/vt-d: Add support for static identity domain")
changed the context entry setup during domain attachment from a
set-and-check policy to a clear-and-reset approach. This inadvertently
introduced a regression affecting PCI aliased devices behind PCIe-to-PCI
bridges.

Specifically, keyboard and touchpad stopped working on several Apple
Macbooks with below messages:

 kernel: platform pxa2xx-spi.3: Adding to iommu group 20
 kernel: input: Apple SPI Keyboard as
 /devices/pci0000:00/0000:00:1e.3/pxa2xx-spi.3/spi_master/spi2/spi-APP000D:00/input/input0
 kernel: DMAR: DRHD: handling fault status reg 3
 kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr
 0xffffa000 [fault reason 0x06] PTE Read access is not set
 kernel: DMAR: DRHD: handling fault status reg 3
 kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr
 0xffffa000 [fault reason 0x06] PTE Read access is not set
 kernel: applespi spi-APP000D:00: Error writing to device: 01 0e 00 00
 kernel: DMAR: DRHD: handling fault status reg 3
 kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr
 0xffffa000 [fault reason 0x06] PTE Read access is not set
 kernel: DMAR: DRHD: handling fault status reg 3
 kernel: applespi spi-APP000D:00: Error writing to device: 01 0e 00 00

Fix this by restoring the previous context setup order.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < fb5873b779dd5858123c19bbd6959566771e2e83

Version 2031c469f8161abe74189cb74f50da224f340b71

Status affected

Version < d43c81b691813e16a2d08208ce8947aebdab83cd

Version 2031c469f8161abe74189cb74f50da224f340b71

Status affected

Version < 320302baed05c6456164652541f23d2a96522c06

Version 2031c469f8161abe74189cb74f50da224f340b71

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.12

Status affected

Version < 6.12

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.35

Status unaffected

Version <= 6.15.*

Version 6.15.4

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.052

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/fb5873b779dd5858123c19bbd6959566771e2e83

https://git.kernel.org/stable/c/d43c81b691813e16a2d08208ce8947aebdab83cd

https://git.kernel.org/stable/c/320302baed05c6456164652541f23d2a96522c06

https://nvd.nist.gov/vuln/detail/CVE-2025-38216

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38216

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38216

EUVD