CVE-2025-21802
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: hns3: fix oops when unload drivers paralleling
When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops.
But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock.
To fixes it, introduce a new mutex to protect the unload process.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d36b15e3e7b5937cb1f6ac590a85facc3a320642 < 622d92a67656e5c4d2d6ccac02d688ed995418c6 | affected |
| Linux | Linux | 0dd8a25f355b4df2d41c08df1716340854c7d4c5 < 8c640dd3d900cc8988a39c007591f1deee776df4 | affected |
| Linux | Linux | 0dd8a25f355b4df2d41c08df1716340854c7d4c5 < e876522659012ef2e73834a0b9f1cbe3f74d5fad | affected |
| Linux | Linux | 0dd8a25f355b4df2d41c08df1716340854c7d4c5 < b5a8bc47aa0a4aa8bca5466dfa2d12dbb5b3cd0c | affected |
| Linux | Linux | 0dd8a25f355b4df2d41c08df1716340854c7d4c5 < 82736bb83fb0221319c85c2e9917d0189cd84e1e | affected |
| Linux | Linux | 0dd8a25f355b4df2d41c08df1716340854c7d4c5 < cafe9a27e22736d4a01b3933e36225f9857c7988 | affected |
| Linux | Linux | 0dd8a25f355b4df2d41c08df1716340854c7d4c5 < 92e5995773774a3e70257e9c95ea03518268bea5 | affected |
| Linux | Linux | b06ad258e01389ca3ff13bc180f3fcd6a608f1cd | affected |
| Linux | Linux | c4b64011e458aa2b246cd4e42012cfd83d2d9a5c | affected |
| Linux | Linux | 9b5a29f0acefa3eb1dbe2fa302b393eeff64d933 | affected |
| Linux | Linux | 5.10.76 < 5.10.235 | affected |
| Linux | Linux | 4.19.214 < 4.20 | affected |
| Linux | Linux | 5.4.156 < 5.5 | affected |
| Linux | Linux | 5.14.15 < 5.15 | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 5.10.235 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.179 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.129 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.76 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.13 <= 6.12.* | unaffected |
| Linux | Linux | 6.13.2 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
References
- https://git.kernel.org/stable/c/622d92a67656e5c4d2d6ccac02d688ed995418c6
- https://git.kernel.org/stable/c/8c640dd3d900cc8988a39c007591f1deee776df4
- https://git.kernel.org/stable/c/e876522659012ef2e73834a0b9f1cbe3f74d5fad
- https://git.kernel.org/stable/c/b5a8bc47aa0a4aa8bca5466dfa2d12dbb5b3cd0c
- https://git.kernel.org/stable/c/82736bb83fb0221319c85c2e9917d0189cd84e1e
- https://git.kernel.org/stable/c/cafe9a27e22736d4a01b3933e36225f9857c7988
- https://git.kernel.org/stable/c/92e5995773774a3e70257e9c95ea03518268bea5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.