CVE-2025-38582

EPSS 0.03%
Published 19.08.2025 17:15:35
Last modified 20.08.2025 14:40:17
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

RDMA/hns: Fix double destruction of rsv_qp

rsv_qp may be double destroyed in error flow, first in free_mr_init(),
and then in hns_roce_exit(). Fix it by moving the free_mr_init() call
into hns_roce_v2_init().

list_del corruption, ffff589732eb9b50->next is LIST_POISON1 (dead000000000100)
WARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240
...
Call trace:
 __list_del_entry_valid+0x148/0x240
 hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]
 hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]
 hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]
 free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]
 hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]
 hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]
 __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]
 hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]
 hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]
 hclge_notify_roce_client+0x6c/0x160 [hclge]
 hclge_reset_rebuild+0x150/0x5c0 [hclge]
 hclge_reset+0x10c/0x140 [hclge]
 hclge_reset_subtask+0x80/0x104 [hclge]
 hclge_reset_service_task+0x168/0x3ac [hclge]
 hclge_service_task+0x50/0x100 [hclge]
 process_one_work+0x250/0x9a0
 worker_thread+0x324/0x990
 kthread+0x190/0x210
 ret_from_fork+0x10/0x18

Affected products Warnungen 0 Metrics 1 CWE 0 References 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < dab173bae3303f074f063750a8dead2550d8c782

Version fd8489294dd2beefb70f12ec4f6132aeec61a4d0

Status affected

Version < fc8b0f5b16bab2e032b4cfcd6218d5df3b80b2ea

Version fd8489294dd2beefb70f12ec4f6132aeec61a4d0

Status affected

Version < 10b083dbba22be19baa848432b6f25aa68ab2db5

Version fd8489294dd2beefb70f12ec4f6132aeec61a4d0

Status affected

Version < c6957b95ecc5b63c5a4bb4ecc28af326cf8f6dc8

Version fd8489294dd2beefb70f12ec4f6132aeec61a4d0

Status affected

Version 2ccf1c75d39949d8ea043d04a2e92d7100ea723d

Status affected

Version d2d9c5127122745da6e887f451dd248cfeffca33

Status affected

Version dac2723d8bfa9cf5333f477741e6e5fa1ed34645

Status affected

Version 60595923371c2ebe7faf82536c47eb0c967e3425

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 6.12

Status affected

Version < 6.12

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.42

Status unaffected

Version <= 6.15.*

Version 6.15.10

Status unaffected

Version <= 6.16.*

Version 6.16.1

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.055

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/10b083dbba22be19baa848432b6f25aa68ab2db5

https://git.kernel.org/stable/c/c6957b95ecc5b63c5a4bb4ecc28af326cf8f6dc8

https://git.kernel.org/stable/c/dab173bae3303f074f063750a8dead2550d8c782

https://git.kernel.org/stable/c/fc8b0f5b16bab2e032b4cfcd6218d5df3b80b2ea

https://nvd.nist.gov/vuln/detail/CVE-2025-38582

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38582

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38582

EUVD