CVE-2025-71156

Summary

In the Linux kernel, the following vulnerability has been resolved:

gve: defer interrupt enabling until NAPI registration

Currently, interrupts are automatically enabled immediately upon request. This allows interrupt to fire before the associated NAPI context is fully initialized and cause failures like below:

[ 0.946369] Call Trace: [ 0.946369] <IRQ> [ 0.946369] __napi_poll+0x2a/0x1e0 [ 0.946369] net_rx_action+0x2f9/0x3f0 [ 0.946369] handle_softirqs+0xd6/0x2c0 [ 0.946369] ? handle_edge_irq+0xc1/0x1b0 [ 0.946369] __irq_exit_rcu+0xc3/0xe0 [ 0.946369] common_interrupt+0x81/0xa0 [ 0.946369] </IRQ> [ 0.946369] <TASK> [ 0.946369] asm_common_interrupt+0x22/0x40 [ 0.946369] RIP: 0010:pv_native_safe_halt+0xb/0x10

Use the IRQF_NO_AUTOEN flag when requesting interrupts to prevent auto enablement and explicitly enable the interrupt in NAPI initialization path (and disable it during NAPI teardown).

This ensures that interrupt lifecycle is strictly coupled with readiness of NAPI context.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1dfc2e46117e5c41037e27e859e75a7518881ee6 < f5b7f49bd2377916ad57cbd1210c61196daff013affected
LinuxLinux1dfc2e46117e5c41037e27e859e75a7518881ee6 < 48f9277680925e1a8623d6b2c50aadb7af824aceaffected
LinuxLinux1dfc2e46117e5c41037e27e859e75a7518881ee6 < 3d970eda003441f66551a91fda16478ac0711617affected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.12.64 <= 6.12.*unaffected
LinuxLinux6.18.4 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References