CVE-2025-68209

EPSS 0.02%
Veröffentlicht 16.12.2025 13:48:36
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

mlx5: Fix default values in create CQ

In the Linux kernel, the following vulnerability has been resolved:

mlx5: Fix default values in create CQ

Currently, CQs without a completion function are assigned the
mlx5_add_cq_to_tasklet function by default. This is problematic since
only user CQs created through the mlx5_ib driver are intended to use
this function.

Additionally, all CQs that will use doorbells instead of polling for
completions must call mlx5_cq_arm. However, the default CQ creation flow
leaves a valid value in the CQ's arm_db field, allowing FW to send
interrupts to polling-only CQs in certain corner cases.

These two factors would allow a polling-only kernel CQ to be triggered
by an EQ interrupt and call a completion function intended only for user
CQs, causing a null pointer exception.

Some areas in the driver have prevented this issue with one-off fixes
but did not address the root cause.

This patch fixes the described issue by adding defaults to the create CQ
flow. It adds a default dummy completion function to protect against
null pointer exceptions, and it sets an invalid command sequence number
by default in kernel CQs to prevent the FW from sending an interrupt to
the CQ until it is armed. User CQs are responsible for their own
initialization values.

Callers of mlx5_core_create_cq are responsible for changing the
completion function and arming the CQ per their needs.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 5

CNA 2 VulnDex Vulnerability Enrichment 7

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version cdd04f4d4d71cbf93d0d9abe63bc838f47c467fa

Version < 08469f5393a1a39f26a6e2eb2e8c33187665c1f4

Status affected

Version cdd04f4d4d71cbf93d0d9abe63bc838f47c467fa

Version < e5eba42f01340f73888dfe560be2806057c25913

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.0

Status affected

Version 0

Version < 6.0

Status unaffected

Version <= 6.17.*

Version 6.17.9

Status unaffected

Version <= *

Version 6.18

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.064

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/08469f5393a1a39f26a6e2eb2e8c33187665c1f4

https://git.kernel.org/stable/c/e5eba42f01340f73888dfe560be2806057c25913

https://nvd.nist.gov/vuln/detail/CVE-2025-68209

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68209

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68209

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-68209