What is the severity of CVE-2024-25743?

CVE-2024-25743 is considered a high severity vulnerability that allows an untrusted hypervisor to inject virtual interrupts.

How does CVE-2024-25743 affect userspace applications?

CVE-2024-25743 can trigger the SIGFPE signal handler in userspace applications, potentially leading to unexpected behavior.

What versions of the Linux kernel are affected by CVE-2024-25743?

CVE-2024-25743 affects the Linux kernel versions up to and including 6.9.

How can I mitigate the risks of CVE-2024-25743?

Mitigation measures for CVE-2024-25743 include upgrading to a patched version of the Linux kernel.

Is there a specific hardware dependency for CVE-2024-25743?

Yes, CVE-2024-25743 specifically affects systems utilizing AMD SEV-SNP and AMD SEV-ES technology.

Vulnerability/
CVE-2024-25743

high

7.1

CWE

15/5/2024

9/4/2025

CVE-2024-25743: Input Validation

First published: Wed May 15 2024(Updated: )

In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Red Hat Kernel-devel	<=6.9
IBM Security Verify Governance - Identity Manager	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance	<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container	<=ISVG 10.0.2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7230443

Frequently Asked Questions

What is the severity of CVE-2024-25743?
CVE-2024-25743 is considered a high severity vulnerability that allows an untrusted hypervisor to inject virtual interrupts.
How does CVE-2024-25743 affect userspace applications?
CVE-2024-25743 can trigger the SIGFPE signal handler in userspace applications, potentially leading to unexpected behavior.
What versions of the Linux kernel are affected by CVE-2024-25743?
CVE-2024-25743 affects the Linux kernel versions up to and including 6.9.
How can I mitigate the risks of CVE-2024-25743?
Mitigation measures for CVE-2024-25743 include upgrading to a patched version of the Linux kernel.
Is there a specific hardware dependency for CVE-2024-25743?
Yes, CVE-2024-25743 specifically affects systems utilizing AMD SEV-SNP and AMD SEV-ES technology.

agent/type
agent/author
agent/first-publish-date
agent/description
agent/severity
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/weakness
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/source
agent/softwarecombine
agent/tags
agent/event
collector/ibm-support
source/IBM
vendor/linux
canonical/red hat kernel-devel
vendor/ibm
canonical/ibm security verify governance - identity manager
version/ibm security verify governance - identity manager/isvg 10.0.2
canonical/ibm security verify governance, identity manager software stack
version/ibm security verify governance, identity manager software stack/isvg 10.0.2
canonical/ibm security verify governance, identity manager virtual appliance
version/ibm security verify governance, identity manager virtual appliance/isvg 10.0.2
canonical/ibm security verify governance identity manager container
version/ibm security verify governance identity manager container/isvg 10.0.2