IM
IronMonkey Threat Research

CVE-2025-21802 MEDIUM

Published: 2025-02-27 | Last Modified: 2026-07-14 | Status: Modified

Description

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops. But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock. To fixes it, introduce a new mutex to protect the unload process.

Additional Descriptions (1)

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hns3: se corrige el error al descargar controladores en paralelo. Al descargar el controlador hclge, primero intenta deshabilitar sriov para cada nodo ae_dev de hnae3_ae_dev_list. Si el usuario descarga el controlador hns3 en ese momento, debido a que elimina todos los nodos ae_dev, y puede causar errores. Pero no podemos simplemente usar hnae3_common_lock para esto. Porque en el flujo de proceso de pci_disable_sriov(), activará el flujo de eliminación de VF, que también tomará hnae3_common_lock. Para solucionarlo, introduzca un nuevo mutex para proteger el proceso de descarga.

CVSS Metrics

Base Score: 5.5 (MEDIUM)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 3.6

Weaknesses

Source Type Description
[email protected] Primary
en NVD-CWE-noinfo

Affected Products

Vendor Product Version Update Type
linux linux_kernel * <built-in method update of dict object at 0x702bfc130280> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bfc132280> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bfc133f40> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bfc131940> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bfc132f40> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bdc373180> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bdc59ea80> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bfc36b400> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcc127b40> Operating System
linux linux_kernel 5.15 <built-in method update of dict object at 0x702bdd408b40> Operating System
linux linux_kernel 5.15 <built-in method update of dict object at 0x702bdc371300> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:*

References

Notification
Message here