CVE-2025-68171 Affecting rv package, versions *
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-CENTOS9-RV-14489679
- published18 Dec 2025
- disclosed16 Dec 2025
Introduced: 16 Dec 2025
NewCVE-2025-68171 (opens in a new tab)How to fix?
There is no fixed version for Centos:9 rv.
NVD Description
Note: Versions mentioned in the description apply only to the upstream rv package and not the rv package as distributed by Centos.
See How to fix? for Centos:9 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
x86/fpu: Ensure XFD state on signal delivery
Sean reported [1] the following splat when running KVM tests:
WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: <TASK> fpu__clear_user_states+0x9c/0x100 arch_do_signal_or_restart+0x142/0x210 exit_to_user_mode_loop+0x55/0x100 do_syscall_64+0x205/0x2c0 entry_SYSCALL_64_after_hwframe+0x4b/0x53
Chao further identified [2] a reproducible scenario involving signal delivery: a non-AMX task is preempted by an AMX-enabled task which modifies the XFD MSR.
When the non-AMX task resumes and reloads XSTATE with init values, a warning is triggered due to a mismatch between fpstate::xfd and the CPU's current XFD state. fpu__clear_user_states() does not currently re-synchronize the XFD state after such preemption.
Invoke xfd_update_state() which detects and corrects the mismatch if there is a dynamic feature.
This also benefits the sigreturn path, as fpu__restore_sig() may call fpu__clear_user_states() when the sigframe is inaccessible.
[ dhansen: minor changelog munging ]
References
- https://access.redhat.com/security/cve/CVE-2025-68171
- https://git.kernel.org/stable/c/1811c610653c0cd21cc9add14595b7cffaeca511
- https://git.kernel.org/stable/c/388eff894d6bc5f921e9bfff0e4b0ab2684a96e9
- https://git.kernel.org/stable/c/3f735419c4b43cde42e6d408db39137b82474e31
- https://git.kernel.org/stable/c/5b2619b488f1d08b960c43c6468dd0759e8b3035
- https://git.kernel.org/stable/c/eefbfb722042fc9210d2e0ac2b063fd1abf51895