VDB
DEBIAN-CVE-2025-1713
DEBIAN-CVE-2025-1713
PUBLISHED
CVSS 7.5 HIGH
When setting up interrupt remapping for legacy PCI(-X) devices, including PCI(-X) bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | xen | 4.17.5+23, 4.17.3+36, 4.17.5+23 |
| Debian:13 | xen | 0, 0 |
| Debian:11 | xen | *, *, * |
| Debian:14 | xen | 0, 0 |
Exploit Intelligence
- CVE-2025-1713.json (github-poc)
- CVE-2025-1713.json (github-poc)
Timeline
- Jul 17, 2025 CVE Published
- Apr 28, 2026 CVE Updated