CVE-2025-21913 [Medium] | Security Vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() Xen doesn't offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results in the following warning: unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0) Call Trace: xen_read_msr+0x1e/0x30 amd_get_mmconfig_range+0x2b/0x80 quirk_amd_mmconfig_area+0x28/0x100 pnp_fixup_device+0x39/0x50 __pnp_add_device+0xf/0x150 pnp_add_device+0x3d/0x100 pnpacpi_add_device_handler+0x1f9/0x280 acpi_ns_get_device_callback+0x104/0x1c0 acpi_ns_walk_namespace+0x1d0/0x260 acpi_get_devices+0x8a/0xb0 pnpacpi_init+0x50/0x80 do_one_initcall+0x46/0x2e0 kernel_init_freeable+0x1da/0x2f0 kernel_init+0x16/0x1b0 ret_from_fork+0x30/0x50 ret_from_fork_asm+0x1b/0x30 based on quirks for a "PNP0c01" device. Treating MMCFG as disabled is the right course of action, so no change is needed there. This was most likely exposed by fixing the Xen MSR accessors to not be silently-safe.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-05-10	0.09%	0.02%	-0.07%
2	2026-01-26	0.03%	0.09%	+0.06%
3	2025-08-28	—	0.03%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-05-10

0.09%

0.02%

-0.07%

2026-01-26

0.03%

0.09%

+0.06%

2025-08-28

—

0.03%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
5.5	3.1	MEDIUM	`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:L) A normal user session is enough; they don’t have to be admin. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:N) Doesn’t really leak secrets in a meaningful way. Integrity (I:N) Data isn’t meaningfully altered or forged. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	1.8	3.6	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

5.5

3.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L): A normal user session is enough; they don’t have to be admin.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N): Doesn’t really leak secrets in a meaningful way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

1.8

3.6

[email protected]

OS Trackers for CVE-2025-21913

vendor	priority	summary	link
`debian`	unimportant	CVE-2025-21913 unimportant priority: Debian including 2 source packages (linux, linux-6.1), 6 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 6.	https://security-tracker.debian.org/tracker/CVE-2025-21913
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2025-21913
`suse`	medium	—	https://www.suse.com/security/cve/CVE-2025-21913/
`ubuntu`	medium	CVE-2025-21913 medium priority: Ubuntu including 150 source packages (linux, linux-allwinner-5.19, …), 1487 status rows across 10 suites (bionic, focal, jammy, noble, oracular, plucky, questing, trusty, upstream, xenial): DNE 1097, ignored 150, released 130, not-affected 110.	https://ubuntu.com/security/CVE-2025-21913

Affected software / configurations for CVE-2025-21913

Vendor	Product	Version	Raw CPE
linux	linux_kernel	>= 6.1, < 6.1.131	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 6.2, < 6.6.83	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 6.7, < 6.12.19	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 6.13, < 6.13.7	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	6.14	cpe:2.3:o:linux:linux_kernel:6.14:rc1::::::
linux	linux_kernel	6.14	cpe:2.3:o:linux:linux_kernel:6.14:rc2::::::
linux	linux_kernel	6.14	cpe:2.3:o:linux:linux_kernel:6.14:rc3::::::
linux	linux_kernel	6.14	cpe:2.3:o:linux:linux_kernel:6.14:rc4::::::
linux	linux_kernel	6.14	cpe:2.3:o:linux:linux_kernel:6.14:rc5::::::

References for CVE-2025-21913

URL	Tags
https://git.kernel.org/stable/c/0c65d13bdcc54e5b924ebe790f85a7f01bfe1cb1	Patch
https://git.kernel.org/stable/c/14cb5d83068ecf15d2da6f7d0e9ea9edbcbc0457	Patch
https://git.kernel.org/stable/c/8f43ba5ee498fe037d1570f6868d9aeaf49dda80	Patch
https://git.kernel.org/stable/c/923fede9eae9865af305bcdf8f111e4b62ae4bda	Patch
https://git.kernel.org/stable/c/ebf6a763904e42dabeb2e270ceb0bbe0f825d7ae	Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

URL

CVE-2025-21913 | x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()

Exploit prediction scoring system (EPSS) score for CVE-2025-21913

Common vulnerability scoring system (CVSS) metrics for CVE-2025-21913

Weakness enumeration for CVE-2025-21913

OS Trackers for CVE-2025-21913

Affected software / configurations for CVE-2025-21913

References for CVE-2025-21913