Bug 2376101 (CVE-2025-38109)
| Summary: | CVE-2025-38109 kernel: Linux kernel (net/mlx5): Use-after-free in ECVF vports unload leads to denial of service | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | rhel-process-autobot, watson-tool-maintainers |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in the Linux kernel's net/mlx5 component. A local user could exploit a use-after-free vulnerability during the shutdown process when embedded chip virtual function (ECVF) vports are unloaded. This occurs because the vport access control list (ACL) ingress table is not properly destroyed when a virtual function is created on a BlueField device's embedded chip. Successful exploitation of this flaw could lead to a system crash, resulting in a denial of service.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-07-03 09:05:08 UTC
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2025070323-CVE-2025-38109-f925@gregkh/T This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:6570 https://access.redhat.com/errata/RHSA-2026:6570 This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:6632 https://access.redhat.com/errata/RHSA-2026:6632 |