CVE-2025-1713

{"id": "CVE-2025-1713", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-07-17T14:15:30.527", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-467.html", "tags": ["Patch", "Vendor Advisory"], "source": "security@xen.org"}, {"url": "http://www.openwall.com/lists/oss-security/2025/02/27/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2025/02/27/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2025/02/28/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://xenbits.xen.org/xsa/advisory-467.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-833"}]}], "descriptions": [{"lang": "en", "value": "When setting up interrupt remapping for legacy PCI(-X) devices,\nincluding PCI(-X) bridges, a lookup of the upstream bridge is required.\nThis lookup, itself involving acquiring of a lock, is done in a context\nwhere acquiring that lock is unsafe. This can lead to a deadlock."}, {"lang": "es", "value": "Al configurar la reasignaci\u00f3n de interrupciones para dispositivos PCI(-X) antiguos, incluidos los puentes PCI(-X), se requiere una b\u00fasqueda del puente ascendente. Esta b\u00fasqueda, que implica la adquisici\u00f3n de un bloqueo, se realiza en un contexto donde la adquisici\u00f3n de dicho bloqueo no es segura. Esto puede provocar un interbloqueo."}], "lastModified": "2026-01-13T22:16:10.213", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "06663CA9-DD05-46D3-872D-A5102E1B3E96", "versionStartIncluding": "4.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@xen.org"}