CVE-2025-40023

{"id": "CVE-2025-40023", "cveTags": [], "metrics": {}, "published": "2025-10-24T13:15:47.510", "references": [{"url": "https://git.kernel.org/stable/c/500dad428e5b0de4c1bdfa893822a6e06ddad0b5", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bacbadedbba737da8ae6e0464bc0971c30cda4cb", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vf: Don't expose sysfs attributes not applicable for VFs\n\nVFs can't read BMG_PCIE_CAP(0x138340) register nor access PCODE\n(already guarded by the info.skip_pcode flag) so we shouldn't\nexpose attributes that require any of them to avoid errors like:\n\n [] xe 0000:03:00.1: [drm] Tile0: GT0: VF is trying to read an \\\n inaccessible register 0x138340+0x0\n [] RIP: 0010:xe_gt_sriov_vf_read32+0x6c2/0x9a0 [xe]\n [] Call Trace:\n [] xe_mmio_read32+0x110/0x280 [xe]\n [] auto_link_downgrade_capable_show+0x2e/0x70 [xe]\n [] dev_attr_show+0x1a/0x70\n [] sysfs_kf_seq_show+0xaa/0x120\n [] kernfs_seq_show+0x41/0x60\n\n(cherry picked from commit a2d6223d224f333f705ed8495bf8bebfbc585c35)"}], "lastModified": "2025-10-27T13:20:15.637", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}