fkie_nvd - fkie_cve-2025-40125

fkie_cve-2025-40125

Vulnerability from fkie_nvd

Published

2025-11-12 11:15

Modified

2025-11-12 16:19

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx In __blk_mq_update_nr_hw_queues() the return value of blk_mq_sysfs_register_hctxs() is not checked. If sysfs creation for hctx fails, later changing the number of hw_queues or removing disk will trigger the following warning: kernfs: can not remove 'nr_tags', no directory WARNING: CPU: 2 PID: 637 at fs/kernfs/dir.c:1707 kernfs_remove_by_name_ns+0x13f/0x160 Call Trace: remove_files.isra.1+0x38/0xb0 sysfs_remove_group+0x4d/0x100 sysfs_remove_groups+0x31/0x60 __kobject_del+0x23/0xf0 kobject_del+0x17/0x40 blk_mq_unregister_hctx+0x5d/0x80 blk_mq_sysfs_unregister_hctxs+0x94/0xd0 blk_mq_update_nr_hw_queues+0x124/0x760 nullb_update_nr_hw_queues+0x71/0xf0 [null_blk] nullb_device_submit_queues_store+0x92/0x120 [null_blk] kobjct_del() was called unconditionally even if sysfs creation failed. Fix it by checkig the kobject creation statusbefore deleting it.

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/06c4826b1d900611096e4621e93133db57e13911
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4b97e99b87a773d52699521d40864f3ec888e9a6
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4c7ef92f6d4d08a27d676e4c348f4e2922cab3ed
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/6e7dadc5763c48eb3b9b91265a21f312599ebb2c
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a8c53553f1833cc2d14175d2d72cf37193a01898
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/babc634e9fe2803962dba98a07587e835dbc0731
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/cc14ea21c4e658814d737ed4dedde6cd626a15ad
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d5ddd76ee52bdc16e9f8b1e7791291e785dab032

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx\n\nIn __blk_mq_update_nr_hw_queues() the return value of\nblk_mq_sysfs_register_hctxs() is not checked. If sysfs creation for hctx\nfails, later changing the number of hw_queues or removing disk will\ntrigger the following warning:\n\n  kernfs: can not remove \u0027nr_tags\u0027, no directory\n  WARNING: CPU: 2 PID: 637 at fs/kernfs/dir.c:1707 kernfs_remove_by_name_ns+0x13f/0x160\n  Call Trace:\n   remove_files.isra.1+0x38/0xb0\n   sysfs_remove_group+0x4d/0x100\n   sysfs_remove_groups+0x31/0x60\n   __kobject_del+0x23/0xf0\n   kobject_del+0x17/0x40\n   blk_mq_unregister_hctx+0x5d/0x80\n   blk_mq_sysfs_unregister_hctxs+0x94/0xd0\n   blk_mq_update_nr_hw_queues+0x124/0x760\n   nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n   nullb_device_submit_queues_store+0x92/0x120 [null_blk]\n\nkobjct_del() was called unconditionally even if sysfs creation failed.\nFix it by checkig the kobject creation statusbefore deleting it."
    }
  ],
  "id": "CVE-2025-40125",
  "lastModified": "2025-11-12T16:19:12.850",
  "metrics": {},
  "published": "2025-11-12T11:15:42.043",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/06c4826b1d900611096e4621e93133db57e13911"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4b97e99b87a773d52699521d40864f3ec888e9a6"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4c7ef92f6d4d08a27d676e4c348f4e2922cab3ed"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6e7dadc5763c48eb3b9b91265a21f312599ebb2c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a8c53553f1833cc2d14175d2d72cf37193a01898"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/babc634e9fe2803962dba98a07587e835dbc0731"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/cc14ea21c4e658814d737ed4dedde6cd626a15ad"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d5ddd76ee52bdc16e9f8b1e7791291e785dab032"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

CVE-2025-40125 (GCVE-0-2025-40125)

Vulnerability from cvelistv5

Published

2025-11-12 10:23

Modified

2025-11-12 10:23

Severity ?

Summary

References

URL

Tags

	https://git.kernel.org/stable/c/a8c53553f1833cc2d14175d2d72cf37193a01898
	https://git.kernel.org/stable/c/cc14ea21c4e658814d737ed4dedde6cd626a15ad
	https://git.kernel.org/stable/c/4b97e99b87a773d52699521d40864f3ec888e9a6
	https://git.kernel.org/stable/c/6e7dadc5763c48eb3b9b91265a21f312599ebb2c
	https://git.kernel.org/stable/c/06c4826b1d900611096e4621e93133db57e13911
	https://git.kernel.org/stable/c/babc634e9fe2803962dba98a07587e835dbc0731
	https://git.kernel.org/stable/c/d5ddd76ee52bdc16e9f8b1e7791291e785dab032
	https://git.kernel.org/stable/c/4c7ef92f6d4d08a27d676e4c348f4e2922cab3ed

Impacted products

Vendor

Product

Version

Linux

Version: 477e19dedc9d3e1f4443a1d4ae00572a988120ea
Version: 477e19dedc9d3e1f4443a1d4ae00572a988120ea
Version: 477e19dedc9d3e1f4443a1d4ae00572a988120ea
Version: 477e19dedc9d3e1f4443a1d4ae00572a988120ea
Version: 477e19dedc9d3e1f4443a1d4ae00572a988120ea
Version: 477e19dedc9d3e1f4443a1d4ae00572a988120ea
Version: 477e19dedc9d3e1f4443a1d4ae00572a988120ea
Version: 477e19dedc9d3e1f4443a1d4ae00572a988120ea

Linux

Version: 4.20

Show details on NVD website