CVE-2025-40076

Linux Kernel 6.17-6.17.2 - Denial of Service via PCI MSI IRQ Domain Handling

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-host: Pass proper IRQ domain to generic_handle_domain_irq() Starting with commit dd26c1a23fd5 ("PCI: rcar-host: Switch to msi_create_parent_irq_domain()"), the MSI parent IRQ domain is NULL because the object of type struct irq_domain_info passed to: msi_create_parent_irq_domain() -> irq_domain_instantiate()() -> __irq_domain_instantiate() has no reference to the parent IRQ domain. Using msi->domain->parent as an argument for generic_handle_domain_irq() leads to below error: "Unable to handle kernel NULL pointer dereference at virtual address" This error was identified while switching the upcoming RZ/G3S PCIe host controller driver to msi_create_parent_irq_domain() (which was using a similar pattern to handle MSIs (see link section)), but it was not tested on hardware using the pcie-rcar-host controller driver due to lack of hardware. [mani: reworded subject and description]

Scores

EPSS 0.0017
EPSS Percentile 6.6%

Details

Status published
Products (7)
linux/Kernel 6.17.0 - 6.17.3linux
Linux/Linux < 6.17
Linux/Linux 6.17
Linux/Linux 6.17.3 - 6.17.*
Linux/Linux 6.18
Linux/Linux dd26c1a23fd5a607c50738ea0dcb6cdbb8185cfe - d3fee10e40a938331e2aae34348691136db31304
Linux/Linux dd26c1a23fd5a607c50738ea0dcb6cdbb8185cfe - e8e21aaf5d34015901cd271053a67a62b4204526
Published Oct 28, 2025
Tracked Since Feb 18, 2026