VYPR
High severity7.8NVD Advisory· Published Sep 16, 2025· Updated Jun 17, 2026

CVE-2025-39823

CVE-2025-39823

Description

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: use array_index_nospec with indices that come from guest

min and dest_id are guest-controlled indices. Using array_index_nospec() after the bounds checks clamps these values to mitigate speculative execution side-channels.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

243

Patches

Vulnerability mechanics

References

11

News mentions

1