{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-21913","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-29T08:45:45.787Z","datePublished":"2025-04-01T15:40:50.907Z","dateUpdated":"2026-05-11T21:08:57.272Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:08:57.272Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nx86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()\n\nXen doesn't offer MSR_FAM10H_MMIO_CONF_BASE to all guests.  This results\nin the following warning:\n\n  unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0)\n  Call Trace:\n   xen_read_msr+0x1e/0x30\n   amd_get_mmconfig_range+0x2b/0x80\n   quirk_amd_mmconfig_area+0x28/0x100\n   pnp_fixup_device+0x39/0x50\n   __pnp_add_device+0xf/0x150\n   pnp_add_device+0x3d/0x100\n   pnpacpi_add_device_handler+0x1f9/0x280\n   acpi_ns_get_device_callback+0x104/0x1c0\n   acpi_ns_walk_namespace+0x1d0/0x260\n   acpi_get_devices+0x8a/0xb0\n   pnpacpi_init+0x50/0x80\n   do_one_initcall+0x46/0x2e0\n   kernel_init_freeable+0x1da/0x2f0\n   kernel_init+0x16/0x1b0\n   ret_from_fork+0x30/0x50\n   ret_from_fork_asm+0x1b/0x30\n\nbased on quirks for a \"PNP0c01\" device.  Treating MMCFG as disabled is the\nright course of action, so no change is needed there.\n\nThis was most likely exposed by fixing the Xen MSR accessors to not be\nsilently-safe."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/x86/kernel/amd_nb.c"],"versions":[{"version":"3fac3734c43a2e21fefeb72124d8bd31dff3956f","lessThan":"0c65d13bdcc54e5b924ebe790f85a7f01bfe1cb1","status":"affected","versionType":"git"},{"version":"3fac3734c43a2e21fefeb72124d8bd31dff3956f","lessThan":"8f43ba5ee498fe037d1570f6868d9aeaf49dda80","status":"affected","versionType":"git"},{"version":"3fac3734c43a2e21fefeb72124d8bd31dff3956f","lessThan":"ebf6a763904e42dabeb2e270ceb0bbe0f825d7ae","status":"affected","versionType":"git"},{"version":"3fac3734c43a2e21fefeb72124d8bd31dff3956f","lessThan":"923fede9eae9865af305bcdf8f111e4b62ae4bda","status":"affected","versionType":"git"},{"version":"3fac3734c43a2e21fefeb72124d8bd31dff3956f","lessThan":"14cb5d83068ecf15d2da6f7d0e9ea9edbcbc0457","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/x86/kernel/amd_nb.c"],"versions":[{"version":"6.1","status":"affected"},{"version":"0","lessThan":"6.1","status":"unaffected","versionType":"semver"},{"version":"6.1.131","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.83","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.19","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13.7","lessThanOrEqual":"6.13.*","status":"unaffected","versionType":"semver"},{"version":"6.14","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1","versionEndExcluding":"6.1.131"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1","versionEndExcluding":"6.6.83"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1","versionEndExcluding":"6.12.19"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1","versionEndExcluding":"6.13.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1","versionEndExcluding":"6.14"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0c65d13bdcc54e5b924ebe790f85a7f01bfe1cb1"},{"url":"https://git.kernel.org/stable/c/8f43ba5ee498fe037d1570f6868d9aeaf49dda80"},{"url":"https://git.kernel.org/stable/c/ebf6a763904e42dabeb2e270ceb0bbe0f825d7ae"},{"url":"https://git.kernel.org/stable/c/923fede9eae9865af305bcdf8f111e4b62ae4bda"},{"url":"https://git.kernel.org/stable/c/14cb5d83068ecf15d2da6f7d0e9ea9edbcbc0457"}],"title":"x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:38:59.818Z"}}]}}