CVE - CVE-2025-21779

CVE-ID
CVE-2025-21779	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SEND_IPI and SEND_IPI_EX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said hypercalls if the local APIC is emulated in userspace, i.e. don't rely on userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID. Rejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if Hyper-V enlightenments are exposed to the guest without an in-kernel local APIC: dump_stack+0xbe/0xfd __kasan_report.cold+0x34/0x84 kasan_report+0x3a/0x50 __apic_accept_irq+0x3a/0x5c0 kvm_hv_send_ipi.isra.0+0x34e/0x820 kvm_hv_hypercall+0x8d9/0x9d0 kvm_emulate_hypercall+0x506/0x7e0 __vmx_handle_exit+0x283/0xb60 vmx_handle_exit+0x1d/0xd0 vcpu_enter_guest+0x16b0/0x24c0 vcpu_run+0xc0/0x550 kvm_arch_vcpu_ioctl_run+0x170/0x6d0 kvm_vcpu_ioctl+0x413/0xb20 __se_sys_ioctl+0x111/0x160 do_syscal1_64+0x30/0x40 entry_SYSCALL_64_after_hwframe+0x67/0xd1 Note, checking the sending vCPU is sufficient, as the per-VM irqchip_mode can't be modified after vCPUs are created, i.e. if one vCPU has an in-kernel local APIC, then all vCPUs have an in-kernel local APIC.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/5393cf22312418262679eaadb130d608c75fe690 URL:https://git.kernel.org/stable/c/5393cf22312418262679eaadb130d608c75fe690 MISC:https://git.kernel.org/stable/c/874ff13c73c45ecb38cb82191e8c1d523f0dc81b URL:https://git.kernel.org/stable/c/874ff13c73c45ecb38cb82191e8c1d523f0dc81b MISC:https://git.kernel.org/stable/c/a8de7f100bb5989d9c3627d3a223ee1c863f3b69 URL:https://git.kernel.org/stable/c/a8de7f100bb5989d9c3627d3a223ee1c863f3b69 MISC:https://git.kernel.org/stable/c/aca8be4403fb90db7adaf63830e27ebe787a76e8 URL:https://git.kernel.org/stable/c/aca8be4403fb90db7adaf63830e27ebe787a76e8 MISC:https://git.kernel.org/stable/c/ca29f58ca374c40a0e69c5306fc5c940a0069074 URL:https://git.kernel.org/stable/c/ca29f58ca374c40a0e69c5306fc5c940a0069074
Assigning CNA
kernel.org
Date Record Created
20241229	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241229)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)