CVE-2025-39768 (GCVE-0-2025-39768)
Vulnerability from cvelistv5
Published
2025-09-11 16:56
Modified
2025-09-11 16:56
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix complex rules rehash error flow Moving rules from matcher to matcher should not fail. However, if it does fail due to various reasons, the error flow should allow the kernel to continue functioning (albeit with broken steering rules) instead of going into series of soft lock-ups or some other problematic behaviour. Similar to the simple rules, complex rules rehash logic suffers from the same problems. This patch fixes the error flow for moving complex rules: - If new rule creation fails before it was even enqeued, do not poll for completion - If TIMEOUT happened while moving the rule, no point trying to poll for completions for other rules. Something is broken, completion won't come, just abort the rehash sequence. - If some other completion with error received, don't give up. Continue handling rest of the rules to minimize the damage. - Make sure that the first error code that was received will be actually returned to the caller instead of replacing it with the generic error code. All the aforementioned issues stem from the same bad error flow, so no point fixing them one by one and leaving partially broken code - fixing them in one patch.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/37d54bc28d092bc3b314da45d730f00e9d86ec2a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/4a842b1bf18a32ee0c25dd6dd98728b786a76fe4
Impacted products
Vendor Product Version
Linux Linux Version: 17e0accac577fd6ea2090934d71a8c6f36702a26
Version: 17e0accac577fd6ea2090934d71a8c6f36702a26
 Create a notification for this product.
   Linux Linux Version: 6.16
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/steering/hws/bwc_complex.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "37d54bc28d092bc3b314da45d730f00e9d86ec2a",
              "status": "affected",
              "version": "17e0accac577fd6ea2090934d71a8c6f36702a26",
              "versionType": "git"
            },
            {
              "lessThan": "4a842b1bf18a32ee0c25dd6dd98728b786a76fe4",
              "status": "affected",
              "version": "17e0accac577fd6ea2090934d71a8c6f36702a26",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/steering/hws/bwc_complex.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.16"
            },
            {
              "lessThan": "6.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.16.*",
              "status": "unaffected",
              "version": "6.16.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.17-rc3",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16.4",
                  "versionStartIncluding": "6.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17-rc3",
                  "versionStartIncluding": "6.16",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, fix complex rules rehash error flow\n\nMoving rules from matcher to matcher should not fail.\nHowever, if it does fail due to various reasons, the error flow\nshould allow the kernel to continue functioning (albeit with broken\nsteering rules) instead of going into series of soft lock-ups or\nsome other problematic behaviour.\n\nSimilar to the simple rules, complex rules rehash logic suffers\nfrom the same problems. This patch fixes the error flow for moving\ncomplex rules:\n - If new rule creation fails before it was even enqeued, do not\n   poll for completion\n - If TIMEOUT happened while moving the rule, no point trying\n   to poll for completions for other rules. Something is broken,\n   completion won\u0027t come, just abort the rehash sequence.\n - If some other completion with error received, don\u0027t give up.\n   Continue handling rest of the rules to minimize the damage.\n - Make sure that the first error code that was received will\n   be actually returned to the caller instead of replacing it\n   with the generic error code.\n\nAll the aforementioned issues stem from the same bad error flow,\nso no point fixing them one by one and leaving partially broken\ncode - fixing them in one patch."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-11T16:56:22.984Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/37d54bc28d092bc3b314da45d730f00e9d86ec2a"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a842b1bf18a32ee0c25dd6dd98728b786a76fe4"
        }
      ],
      "title": "net/mlx5: HWS, fix complex rules rehash error flow",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-39768",
    "datePublished": "2025-09-11T16:56:22.984Z",
    "dateReserved": "2025-04-16T07:20:57.127Z",
    "dateUpdated": "2025-09-11T16:56:22.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-39768\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-09-11T17:15:42.250\",\"lastModified\":\"2025-09-15T15:22:38.297\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/mlx5: HWS, fix complex rules rehash error flow\\n\\nMoving rules from matcher to matcher should not fail.\\nHowever, if it does fail due to various reasons, the error flow\\nshould allow the kernel to continue functioning (albeit with broken\\nsteering rules) instead of going into series of soft lock-ups or\\nsome other problematic behaviour.\\n\\nSimilar to the simple rules, complex rules rehash logic suffers\\nfrom the same problems. This patch fixes the error flow for moving\\ncomplex rules:\\n - If new rule creation fails before it was even enqeued, do not\\n   poll for completion\\n - If TIMEOUT happened while moving the rule, no point trying\\n   to poll for completions for other rules. Something is broken,\\n   completion won\u0027t come, just abort the rehash sequence.\\n - If some other completion with error received, don\u0027t give up.\\n   Continue handling rest of the rules to minimize the damage.\\n - Make sure that the first error code that was received will\\n   be actually returned to the caller instead of replacing it\\n   with the generic error code.\\n\\nAll the aforementioned issues stem from the same bad error flow,\\nso no point fixing them one by one and leaving partially broken\\ncode - fixing them in one patch.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/37d54bc28d092bc3b314da45d730f00e9d86ec2a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4a842b1bf18a32ee0c25dd6dd98728b786a76fe4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.