CVE-2025-21953 (GCVE-0-2025-21953)
Vulnerability from cvelistv5
Published
2025-04-01 15:46
Modified
2025-05-04 07:25
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup mana struct after debugfs_remove() When on a MANA VM hibernation is triggered, as part of hibernate_snapshot(), mana_gd_suspend() and mana_gd_resume() are called. If during this mana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs pointer does not get reinitialized and ends up pointing to older, cleaned-up dentry. Further in the hibernation path, as part of power_down(), mana_gd_shutdown() is triggered. This call, unaware of the failures in resume, tries to cleanup the already cleaned up mana_port_debugfs value and hits the following bug: [ 191.359296] mana 7870:00:00.0: Shutdown was called [ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098 [ 191.360584] #PF: supervisor write access in kernel mode [ 191.361125] #PF: error_code(0x0002) - not-present page [ 191.361727] PGD 1080ea067 P4D 0 [ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI [ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2 [ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024 [ 191.364124] RIP: 0010:down_write+0x19/0x50 [ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 <f0> 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d [ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246 [ 191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000 [ 191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098 [ 191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001 [ 191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000 [ 191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020 [ 191.369549] FS: 00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000 [ 191.370213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0 [ 191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 [ 191.372906] Call Trace: [ 191.373262] <TASK> [ 191.373621] ? show_regs+0x64/0x70 [ 191.374040] ? __die+0x24/0x70 [ 191.374468] ? page_fault_oops+0x290/0x5b0 [ 191.374875] ? do_user_addr_fault+0x448/0x800 [ 191.375357] ? exc_page_fault+0x7a/0x160 [ 191.375971] ? asm_exc_page_fault+0x27/0x30 [ 191.376416] ? down_write+0x19/0x50 [ 191.376832] ? down_write+0x12/0x50 [ 191.377232] simple_recursive_removal+0x4a/0x2a0 [ 191.377679] ? __pfx_remove_one+0x10/0x10 [ 191.378088] debugfs_remove+0x44/0x70 [ 191.378530] mana_detach+0x17c/0x4f0 [ 191.378950] ? __flush_work+0x1e2/0x3b0 [ 191.379362] ? __cond_resched+0x1a/0x50 [ 191.379787] mana_remove+0xf2/0x1a0 [ 191.380193] mana_gd_shutdown+0x3b/0x70 [ 191.380642] pci_device_shutdown+0x3a/0x80 [ 191.381063] device_shutdown+0x13e/0x230 [ 191.381480] kernel_power_off+0x35/0x80 [ 191.381890] hibernate+0x3c6/0x470 [ 191.382312] state_store+0xcb/0xd0 [ 191.382734] kobj_attr_store+0x12/0x30 [ 191.383211] sysfs_kf_write+0x3e/0x50 [ 191.383640] kernfs_fop_write_iter+0x140/0x1d0 [ 191.384106] vfs_write+0x271/0x440 [ 191.384521] ksys_write+0x72/0xf0 [ 191.384924] __x64_sys_write+0x19/0x20 [ 191.385313] x64_sys_call+0x2b0/0x20b0 [ 191.385736] do_syscall_64+0x79/0x150 [ 191.386146] ? __mod_memcg_lruvec_state+0xe7/0x240 [ 191.386676] ? __lruvec_stat_mod_folio+0x79/0xb0 [ 191.387124] ? __pfx_lru_add+0x10/0x10 [ 191.387515] ? queued_spin_unlock+0x9/0x10 [ 191.387937] ? do_anonymous_page+0x33c/0xa00 [ 191.388374] ? __handle_mm_fault+0xcf3/0x1210 [ 191.388805] ? __count_memcg_events+0xbe/0x180 [ 191.389235] ? handle_mm_fault+0xae/0x300 [ 19 ---truncated---
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3e64bb2ae7d9f2b3a8259d4d6b86ed1984d5460aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a1466112fb6e819261272ad75e7db750a43b78bfPatch
Impacted products
Vendor Product Version
Linux Linux Version: 6607c17c6c5e029da03a90085db22daf518232bf
Version: 6607c17c6c5e029da03a90085db22daf518232bf
 Create a notification for this product.
   Linux Linux Version: 6.13
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/microsoft/mana/gdma_main.c",
            "drivers/net/ethernet/microsoft/mana/mana_en.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a1466112fb6e819261272ad75e7db750a43b78bf",
              "status": "affected",
              "version": "6607c17c6c5e029da03a90085db22daf518232bf",
              "versionType": "git"
            },
            {
              "lessThan": "3e64bb2ae7d9f2b3a8259d4d6b86ed1984d5460a",
              "status": "affected",
              "version": "6607c17c6c5e029da03a90085db22daf518232bf",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/microsoft/mana/gdma_main.c",
            "drivers/net/ethernet/microsoft/mana/mana_en.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.13"
            },
            {
              "lessThan": "6.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.8",
                  "versionStartIncluding": "6.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14",
                  "versionStartIncluding": "6.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: cleanup mana struct after debugfs_remove()\n\nWhen on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),\nmana_gd_suspend() and mana_gd_resume() are called. If during this\nmana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs\npointer does not get reinitialized and ends up pointing to older,\ncleaned-up dentry.\nFurther in the hibernation path, as part of power_down(), mana_gd_shutdown()\nis triggered. This call, unaware of the failures in resume, tries to cleanup\nthe already cleaned up  mana_port_debugfs value and hits the following bug:\n\n[  191.359296] mana 7870:00:00.0: Shutdown was called\n[  191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[  191.360584] #PF: supervisor write access in kernel mode\n[  191.361125] #PF: error_code(0x0002) - not-present page\n[  191.361727] PGD 1080ea067 P4D 0\n[  191.362172] Oops: Oops: 0002 [#1] SMP NOPTI\n[  191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2\n[  191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[  191.364124] RIP: 0010:down_write+0x19/0x50\n[  191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 \u003cf0\u003e 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d\n[  191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246\n[  191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000\n[  191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098\n[  191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001\n[  191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000\n[  191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020\n[  191.369549] FS:  00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000\n[  191.370213] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0\n[  191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[  191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[  191.372906] Call Trace:\n[  191.373262]  \u003cTASK\u003e\n[  191.373621]  ? show_regs+0x64/0x70\n[  191.374040]  ? __die+0x24/0x70\n[  191.374468]  ? page_fault_oops+0x290/0x5b0\n[  191.374875]  ? do_user_addr_fault+0x448/0x800\n[  191.375357]  ? exc_page_fault+0x7a/0x160\n[  191.375971]  ? asm_exc_page_fault+0x27/0x30\n[  191.376416]  ? down_write+0x19/0x50\n[  191.376832]  ? down_write+0x12/0x50\n[  191.377232]  simple_recursive_removal+0x4a/0x2a0\n[  191.377679]  ? __pfx_remove_one+0x10/0x10\n[  191.378088]  debugfs_remove+0x44/0x70\n[  191.378530]  mana_detach+0x17c/0x4f0\n[  191.378950]  ? __flush_work+0x1e2/0x3b0\n[  191.379362]  ? __cond_resched+0x1a/0x50\n[  191.379787]  mana_remove+0xf2/0x1a0\n[  191.380193]  mana_gd_shutdown+0x3b/0x70\n[  191.380642]  pci_device_shutdown+0x3a/0x80\n[  191.381063]  device_shutdown+0x13e/0x230\n[  191.381480]  kernel_power_off+0x35/0x80\n[  191.381890]  hibernate+0x3c6/0x470\n[  191.382312]  state_store+0xcb/0xd0\n[  191.382734]  kobj_attr_store+0x12/0x30\n[  191.383211]  sysfs_kf_write+0x3e/0x50\n[  191.383640]  kernfs_fop_write_iter+0x140/0x1d0\n[  191.384106]  vfs_write+0x271/0x440\n[  191.384521]  ksys_write+0x72/0xf0\n[  191.384924]  __x64_sys_write+0x19/0x20\n[  191.385313]  x64_sys_call+0x2b0/0x20b0\n[  191.385736]  do_syscall_64+0x79/0x150\n[  191.386146]  ? __mod_memcg_lruvec_state+0xe7/0x240\n[  191.386676]  ? __lruvec_stat_mod_folio+0x79/0xb0\n[  191.387124]  ? __pfx_lru_add+0x10/0x10\n[  191.387515]  ? queued_spin_unlock+0x9/0x10\n[  191.387937]  ? do_anonymous_page+0x33c/0xa00\n[  191.388374]  ? __handle_mm_fault+0xcf3/0x1210\n[  191.388805]  ? __count_memcg_events+0xbe/0x180\n[  191.389235]  ? handle_mm_fault+0xae/0x300\n[  19\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:25:39.744Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a1466112fb6e819261272ad75e7db750a43b78bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/3e64bb2ae7d9f2b3a8259d4d6b86ed1984d5460a"
        }
      ],
      "title": "net: mana: cleanup mana struct after debugfs_remove()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-21953",
    "datePublished": "2025-04-01T15:46:54.712Z",
    "dateReserved": "2024-12-29T08:45:45.790Z",
    "dateUpdated": "2025-05-04T07:25:39.744Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-21953\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-04-01T16:15:26.513\",\"lastModified\":\"2025-04-11T17:06:38.070\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: mana: cleanup mana struct after debugfs_remove()\\n\\nWhen on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),\\nmana_gd_suspend() and mana_gd_resume() are called. If during this\\nmana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs\\npointer does not get reinitialized and ends up pointing to older,\\ncleaned-up dentry.\\nFurther in the hibernation path, as part of power_down(), mana_gd_shutdown()\\nis triggered. This call, unaware of the failures in resume, tries to cleanup\\nthe already cleaned up  mana_port_debugfs value and hits the following bug:\\n\\n[  191.359296] mana 7870:00:00.0: Shutdown was called\\n[  191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098\\n[  191.360584] #PF: supervisor write access in kernel mode\\n[  191.361125] #PF: error_code(0x0002) - not-present page\\n[  191.361727] PGD 1080ea067 P4D 0\\n[  191.362172] Oops: Oops: 0002 [#1] SMP NOPTI\\n[  191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2\\n[  191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\\n[  191.364124] RIP: 0010:down_write+0x19/0x50\\n[  191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 \u003cf0\u003e 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d\\n[  191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246\\n[  191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000\\n[  191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098\\n[  191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001\\n[  191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000\\n[  191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020\\n[  191.369549] FS:  00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000\\n[  191.370213] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n[  191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0\\n[  191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\\n[  191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\\n[  191.372906] Call Trace:\\n[  191.373262]  \u003cTASK\u003e\\n[  191.373621]  ? show_regs+0x64/0x70\\n[  191.374040]  ? __die+0x24/0x70\\n[  191.374468]  ? page_fault_oops+0x290/0x5b0\\n[  191.374875]  ? do_user_addr_fault+0x448/0x800\\n[  191.375357]  ? exc_page_fault+0x7a/0x160\\n[  191.375971]  ? asm_exc_page_fault+0x27/0x30\\n[  191.376416]  ? down_write+0x19/0x50\\n[  191.376832]  ? down_write+0x12/0x50\\n[  191.377232]  simple_recursive_removal+0x4a/0x2a0\\n[  191.377679]  ? __pfx_remove_one+0x10/0x10\\n[  191.378088]  debugfs_remove+0x44/0x70\\n[  191.378530]  mana_detach+0x17c/0x4f0\\n[  191.378950]  ? __flush_work+0x1e2/0x3b0\\n[  191.379362]  ? __cond_resched+0x1a/0x50\\n[  191.379787]  mana_remove+0xf2/0x1a0\\n[  191.380193]  mana_gd_shutdown+0x3b/0x70\\n[  191.380642]  pci_device_shutdown+0x3a/0x80\\n[  191.381063]  device_shutdown+0x13e/0x230\\n[  191.381480]  kernel_power_off+0x35/0x80\\n[  191.381890]  hibernate+0x3c6/0x470\\n[  191.382312]  state_store+0xcb/0xd0\\n[  191.382734]  kobj_attr_store+0x12/0x30\\n[  191.383211]  sysfs_kf_write+0x3e/0x50\\n[  191.383640]  kernfs_fop_write_iter+0x140/0x1d0\\n[  191.384106]  vfs_write+0x271/0x440\\n[  191.384521]  ksys_write+0x72/0xf0\\n[  191.384924]  __x64_sys_write+0x19/0x20\\n[  191.385313]  x64_sys_call+0x2b0/0x20b0\\n[  191.385736]  do_syscall_64+0x79/0x150\\n[  191.386146]  ? __mod_memcg_lruvec_state+0xe7/0x240\\n[  191.386676]  ? __lruvec_stat_mod_folio+0x79/0xb0\\n[  191.387124]  ? __pfx_lru_add+0x10/0x10\\n[  191.387515]  ? queued_spin_unlock+0x9/0x10\\n[  191.387937]  ? do_anonymous_page+0x33c/0xa00\\n[  191.388374]  ? __handle_mm_fault+0xcf3/0x1210\\n[  191.388805]  ? __count_memcg_events+0xbe/0x180\\n[  191.389235]  ? handle_mm_fault+0xae/0x300\\n[  19\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: mana: cleanup struct mana despu\u00e9s de debugfs_remove(). Cuando se activa la hibernaci\u00f3n en una m\u00e1quina virtual MANA, como parte de hibernate_snapshot(), se invocan mana_gd_suspend() y mana_gd_resume(). Si durante este mana_gd_resume() se produce un fallo en la creaci\u00f3n de HWC, el puntero mana_port_debugfs no se reinicializa y termina apuntando a una dentry anterior y limpiada. M\u00e1s adelante en la ruta de hibernaci\u00f3n, como parte de power_down(), se activa mana_gd_shutdown(). Esta llamada, sin tener conocimiento de los fallos en la reanudaci\u00f3n, intenta limpiar el valor mana_port_debugfs ya limpiado y se encuentra con el siguiente error: [ 191.359296] mana 7870:00:00.0: Se llam\u00f3 al apagado [ 191.359918] ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000098 [ 191.360584] #PF: acceso de escritura del supervisor en modo kernel [ 191.361125] #PF: error_code(0x0002) - p\u00e1gina no presente [ 191.361727] PGD 1080ea067 P4D 0 [ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI [ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash No contaminado 6.14.0-rc5+ #2 [ 191.363292] Nombre del hardware: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 21/11/2024 [ 191.364124] RIP: 0010:down_write+0x19/0x50 [ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00  48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d [ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246 [ 191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000 [ 191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098 [ 191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001 [ 191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000 [ 191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020 [ 191.369549] FS: 00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000 [ 191.370213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0 [ 191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 [ 191.372906] Call Trace: [ 191.373262]  [ 191.373621] ? show_regs+0x64/0x70 [ 191.374040] ? __die+0x24/0x70 [ 191.374468] ? page_fault_oops+0x290/0x5b0 [ 191.374875] ? do_user_addr_fault+0x448/0x800 [ 191.375357] ? exc_page_fault+0x7a/0x160 [ 191.375971] ? asm_exc_page_fault+0x27/0x30 [ 191.376416] ? down_write+0x19/0x50 [ 191.376832] ? down_write+0x12/0x50 [ 191.377232] simple_recursive_removal+0x4a/0x2a0 [ 191.377679] ? __pfx_remove_one+0x10/0x10 [ 191.378088] debugfs_remove+0x44/0x70 [ 191.378530] mana_detach+0x17c/0x4f0 [ 191.378950] ? __flush_work+0x1e2/0x3b0 [ 191.379362] ? __cond_resched+0x1a/0x50 [ 191.379787] mana_remove+0xf2/0x1a0 [ 191.380193] mana_gd_shutdown+0x3b/0x70 [ 191.380642] pci_device_shutdown+0x3a/0x80 [ 191.381063] device_shutdown+0x13e/0x230 [ 191.381480] kernel_power_off+0x35/0x80 [ 191.381890] hibernate+0x3c6/0x470 [ 191.382312] state_store+0xcb/0xd0 [ 191.382734] kobj_attr_store+0x12/0x30 [ 191.383211] sysfs_kf_write+0x3e/0x50 [ 191.383640] kernfs_fop_write_iter+0x140/0x1d0 [ 191.384106] vfs_write+0x271/0x440 [ 191.384521] ksys_write+0x72/0xf0 [ 191.384924] __x64_sys_write+0x19/0x20 [ 191.385313] x64_sys_call+0x2b0/0x20b0 [ 191.385736] do_syscall_64+0x79/0x150 [ 191.386146] ? __mod_memcg_lruvec_state+0xe7/0x240 [ 191.386676] ? __lruvec_stat_mod_folio+0x79/0xb0 [ 191.387124] ? __pfx_lru_add+0x10/0x10 [ 191.387515] ? queued_spin_unlock+0x9/0x10 [ 191.387937] ? do_anonymous_page+0x33c/0xa00 [ 191.388374] ? __handle_mm_fault+0xcf3/0x1210 [ 191.388805] ? __count_memcg_events+0xbe/0x180 [ 191.389235] ? handle_mm_fault+0xae/0x300 [ 19 ---truncado---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.8\",\"matchCriteriaId\":\"0A20D4D7-B329-4C68-B662-76062EA7DCF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"186716B6-2B66-4BD0-852E-D48E71C0C85F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D3E781C-403A-498F-9DA9-ECEE50F41E75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"66619FB8-0AAF-4166-B2CF-67B24143261D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3D6550E-6679-4560-902D-AF52DCFE905B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"45B90F6B-BEC7-4D4E-883A-9DBADE021750\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1759FFB7-531C-41B1-9AE1-FD3D80E0D920\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3e64bb2ae7d9f2b3a8259d4d6b86ed1984d5460a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a1466112fb6e819261272ad75e7db750a43b78bf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.