{"id":"CVE-2025-40160","summary":"xen/events: Return -EEXIST for bound VIRQs","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nxen/events: Return -EEXIST for bound VIRQs\n\nChange find_virq() to return -EEXIST when a VIRQ is bound to a\ndifferent CPU than the one passed in.  With that, remove the BUG_ON()\nfrom bind_virq_to_irq() to propogate the error upwards.\n\nSome VIRQs are per-cpu, but others are per-domain or global.  Those must\nbe bound to CPU0 and can then migrate elsewhere.  The lookup for\nper-domain and global will probably fail when migrated off CPU 0,\nespecially when the current CPU is tracked.  This now returns -EEXIST\ninstead of BUG_ON().\n\nA second call to bind a per-domain or global VIRQ is not expected, but\nmake it non-fatal to avoid trying to look up the irq, since we don't\nknow which per_cpu(virq_to_irq) it will be in.","modified":"2026-03-31T17:29:37.220720Z","published":"2025-11-12T10:24:36.429Z","related":["SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:0316-1","SUSE-SU-2026:20207-1","SUSE-SU-2026:20220-1","SUSE-SU-2026:20228-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:20145-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40160.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/07ce121d93a5e5fb2440a24da3dbf408fcee978e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/612ef6056855c0aacb9b25d1d853c435754483f7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a1e7f07ae6b594f1ba5be46c6125b43bc505c5aa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f81db055a793eca9d05f79658ff62adafb41d664"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40160.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40160"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"62cc5fc7b2e0218144e162afb8191db9b924b5e6"},{"fixed":"612ef6056855c0aacb9b25d1d853c435754483f7"},{"fixed":"a1e7f07ae6b594f1ba5be46c6125b43bc505c5aa"},{"fixed":"f81db055a793eca9d05f79658ff62adafb41d664"},{"fixed":"07ce121d93a5e5fb2440a24da3dbf408fcee978e"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40160.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.2.0"},{"fixed":"6.6.113"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.54"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.17.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40160.json"}}],"schema_version":"1.7.5"}