CVE-2025-71202

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> iommu/sva: invalidate stale IOTLB entries for kernel address space<br /> <br /> Introduce a new IOMMU interface to flush IOTLB paging cache entries for<br /> the CPU kernel address space. This interface is invoked from the x86<br /> architecture code that manages combined user and kernel page tables,<br /> specifically before any kernel page table page is freed and reused.<br /> <br /> This addresses the main issue with vfree() which is a common occurrence<br /> and can be triggered by unprivileged users. While this resolves the<br /> primary problem, it doesn&amp;#39;t address some extremely rare case related to<br /> memory unplug of memory that was present as reserved memory at boot, which<br /> cannot be triggered by unprivileged users. The discussion can be found at<br /> the link below.<br /> <br /> Enable SVA on x86 architecture since the IOMMU can now receive<br /> notification to flush the paging cache before freeing the CPU kernel page<br /> table pages.