5.5

CVE-2025-38569

benet: fix BUG when creating VFs

In the Linux kernel, the following vulnerability has been resolved:

benet: fix BUG when creating VFs

benet crashes as soon as SRIOV VFs are created:

 kernel BUG at mm/vmalloc.c:3457!
 Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
 CPU: 4 UID: 0 PID: 7408 Comm: test.sh Kdump: loaded Not tainted 6.16.0+ #1 PREEMPT(voluntary)
 [...]
 RIP: 0010:vunmap+0x5f/0x70
 [...]
 Call Trace:
  <TASK>
  __iommu_dma_free+0xe8/0x1c0
  be_cmd_set_mac_list+0x3fe/0x640 [be2net]
  be_cmd_set_mac+0xaf/0x110 [be2net]
  be_vf_eth_addr_config+0x19f/0x330 [be2net]
  be_vf_setup+0x4f7/0x990 [be2net]
  be_pci_sriov_configure+0x3a1/0x470 [be2net]
  sriov_numvfs_store+0x20b/0x380
  kernfs_fop_write_iter+0x354/0x530
  vfs_write+0x9b9/0xf60
  ksys_write+0xf3/0x1d0
  do_syscall_64+0x8c/0x3d0

be_cmd_set_mac_list() calls dma_free_coherent() under a spin_lock_bh.
Fix it by freeing only after the lock has been released.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4.291 < 5.4.297
LinuxLinux Kernel Version >= 5.10.235 < 5.10.241
LinuxLinux Kernel Version >= 5.15.179 < 5.15.190
LinuxLinux Kernel Version >= 6.1.131 < 6.1.148
LinuxLinux Kernel Version >= 6.6.83 < 6.6.102
LinuxLinux Kernel Version >= 6.12.19 < 6.12.42
LinuxLinux Kernel Version >= 6.13.7 < 6.14
LinuxLinux Kernel Version >= 6.14.1 < 6.15.10
LinuxLinux Kernel Version >= 6.16 < 6.16.1
LinuxLinux Kernel Version6.14 Update-
LinuxLinux Kernel Version6.14 Updaterc6
LinuxLinux Kernel Version6.14 Updaterc7
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.055
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/0ddfe8b127ef1149fddccb79db6e6eaba7738e7d
Patch
https://git.kernel.org/stable/c/46d44a23a3723a89deeb65b13cddb17f8d9f2700
Patch
https://git.kernel.org/stable/c/5a40f8af2ba1b9bdf46e2db10e8c9710538fbc63
Patch
https://git.kernel.org/stable/c/c377ba2be9430d165a98e4b782902ed630bc7546
Patch
https://git.kernel.org/stable/c/d5dc09ee5d74277bc47193fe28ce8703e229331b
Patch
https://git.kernel.org/stable/c/f4e4e0c4bc4d799d6fa39055acdbc3af066cd13e
Patch
https://git.kernel.org/stable/c/3697e37e012bbd2bb5a5b467689811ba097b2eff
Patch
https://git.kernel.org/stable/c/975e73b9102d844a3dc3f091ad631c56145c8b4c
Patch
https://git.kernel.org/stable/c/f80b34ebc579216407b128e9d155bfcae875c30f
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List