{"id":"CVE-2025-39823","summary":"KVM: x86: use array_index_nospec with indices that come from guest","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: use array_index_nospec with indices that come from guest\n\nmin and dest_id are guest-controlled indices. Using array_index_nospec()\nafter the bounds checks clamps these values to mitigate speculative execution\nside-channels.","modified":"2026-04-02T12:48:10.261654Z","published":"2025-09-16T13:00:22.298Z","related":["SUSE-SU-2025:03600-1","SUSE-SU-2025:03601-1","SUSE-SU-2025:03613-1","SUSE-SU-2025:03615-1","SUSE-SU-2025:03626-1","SUSE-SU-2025:03628-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20851-1","SUSE-SU-2025:20861-1","SUSE-SU-2025:20870-1","SUSE-SU-2025:20898-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","SUSE-SU-2025:3716-1","SUSE-SU-2025:3725-1","SUSE-SU-2025:3751-1","SUSE-SU-2025:3761-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39823.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/31a0ad2f60cb4816e06218b63e695eb72ce74974"},{"type":"WEB","url":"https://git.kernel.org/stable/c/33e974c2d5a82b2f9d9ba0ad9cbaabc1c8e3985f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/67a05679621b7f721bdba37a5d18665d3aceb695"},{"type":"WEB","url":"https://git.kernel.org/stable/c/72777fc31aa7ab2ce00f44bfa3929c6eabbeaf48"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c87bd4dd43a624109c3cc42d843138378a7f4548"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d51e381beed5e2f50f85f49f6c90e023754efa12"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f49161646e03d107ce81a99c6ca5da682fe5fb69"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f57a4bd8d6cb5af05b8ac1be9098e249034639fb"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39823.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39823"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4180bf1b655a791a0a6ef93a2ffffc762722c782"},{"fixed":"72777fc31aa7ab2ce00f44bfa3929c6eabbeaf48"},{"fixed":"31a0ad2f60cb4816e06218b63e695eb72ce74974"},{"fixed":"d51e381beed5e2f50f85f49f6c90e023754efa12"},{"fixed":"33e974c2d5a82b2f9d9ba0ad9cbaabc1c8e3985f"},{"fixed":"f49161646e03d107ce81a99c6ca5da682fe5fb69"},{"fixed":"67a05679621b7f721bdba37a5d18665d3aceb695"},{"fixed":"f57a4bd8d6cb5af05b8ac1be9098e249034639fb"},{"fixed":"c87bd4dd43a624109c3cc42d843138378a7f4548"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-39823.json"}}],"schema_version":"1.7.5"}