CVE-2025-40185
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ice: ice_adapter: release xa entry on adapter allocation failure
When ice_adapter_new() fails, the reserved XArray entry created by xa_insert() is not released. This causes subsequent insertions at the same index to return -EBUSY, potentially leading to NULL pointer dereferences.
Reorder the operations as suggested by Przemek Kitszel:
- Check if adapter already exists (xa_load)
- Reserve the XArray slot (xa_reserve)
- Allocate the adapter (ice_adapter_new)
- Store the adapter (xa_store)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 0f0023c649c7bc50543fbe6e1801eb6357b8bd63 < 7b9269de9815fc34d93dab90bd5169bacbe78e70 | affected |
| Linux | Linux | 0f0023c649c7bc50543fbe6e1801eb6357b8bd63 < 794abb265de3e792167fe3ea0440c064c722bb84 | affected |
| Linux | Linux | 0f0023c649c7bc50543fbe6e1801eb6357b8bd63 < 2db687f3469dbc5c59bc53d55acafd75d530b497 | affected |
| Linux | Linux | 6.11 | affected |
| Linux | Linux | 0 < 6.11 | unaffected |
| Linux | Linux | 6.12.54 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.4 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/7b9269de9815fc34d93dab90bd5169bacbe78e70
- https://git.kernel.org/stable/c/794abb265de3e792167fe3ea0440c064c722bb84
- https://git.kernel.org/stable/c/2db687f3469dbc5c59bc53d55acafd75d530b497
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.