CVE-2025-38287
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
IB/cm: Drop lockdep assert and WARN when freeing old msg
The send completion handler can run after cm_id has advanced to another message. The cm_id lock is not needed in this case, but a recent change re-used cm_free_priv_msg(), which asserts that the lock is held and WARNs if the cm_id's currently outstanding msg is different than the one being freed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 1e5159219076ddb2e44338c667c83fd1bd43dfef < fc096a0cd2017cb0aa1e7fb83131410af9283910 | affected |
| Linux | Linux | 1e5159219076ddb2e44338c667c83fd1bd43dfef < 7590649ee7af381a9d1153143026dec124c5798e | affected |
| Linux | Linux | 6.13 | affected |
| Linux | Linux | 0 < 6.13 | unaffected |
| Linux | Linux | 6.15.3 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/fc096a0cd2017cb0aa1e7fb83131410af9283910
- https://git.kernel.org/stable/c/7590649ee7af381a9d1153143026dec124c5798e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.