Wind River Support Network

HomeDefectsLIN1024-10111
Fixed

LIN1024-10111 : Security Advisory - linux - CVE-2025-38127

Created: Jul 3, 2025    Updated: Jul 10, 2025
Resolved Date: Jul 10, 2025
Found In Version: 10.24.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]ice: fix Tx scheduler error handling in XDP callback[EOL][EOL]When the XDP program is loaded, the XDP callback adds new Tx queues.[EOL]This means that the callback must update the Tx scheduler with the new[EOL]queue number. In the event of a Tx scheduler failure, the XDP callback[EOL]should also fail and roll back any changes previously made for XDP[EOL]preparation.[EOL][EOL]The previous implementation had a bug that not all changes made by the[EOL]XDP callback were rolled back. This caused the crash with the following[EOL]call trace:[EOL][EOL][  +9.549584] ice 0000:ca:00.0: Failed VSI LAN queue config for XDP, error: -5[EOL][  +0.382335] Oops: general protection fault, probably for non-canonical address 0x50a2250a90495525: 0000 [#1] SMP NOPTI[EOL][  +0.010710] CPU: 103 UID: 0 PID: 0 Comm: swapper/103 Not tainted 6.14.0-net-next-mar-31+ #14 PREEMPT(voluntary)[EOL][  +0.010175] Hardware name: Intel Corporation M50CYP2SBSTD/M50CYP2SBSTD, BIOS SE5C620.86B.01.01.0005.2202160810 02/16/2022[EOL][  +0.010946] RIP: 0010:__ice_update_sample+0x39/0xe0 [ice][EOL][EOL][...][EOL][EOL][  +0.002715] Call Trace:[EOL][  +0.002452]  <IRQ>[EOL][  +0.002021]  ? __die_body.cold+0x19/0x29[EOL][  +0.003922]  ? die_addr+0x3c/0x60[EOL][  +0.003319]  ? exc_general_protection+0x17c/0x400[EOL][  +0.004707]  ? asm_exc_general_protection+0x26/0x30[EOL][  +0.004879]  ? __ice_update_sample+0x39/0xe0 [ice][EOL][  +0.004835]  ice_napi_poll+0x665/0x680 [ice][EOL][  +0.004320]  __napi_poll+0x28/0x190[EOL][  +0.003500]  net_rx_action+0x198/0x360[EOL][  +0.003752]  ? update_rq_clock+0x39/0x220[EOL][  +0.004013]  handle_softirqs+0xf1/0x340[EOL][  +0.003840]  ? sched_clock_cpu+0xf/0x1f0[EOL][  +0.003925]  __irq_exit_rcu+0xc2/0xe0[EOL][  +0.003665]  common_interrupt+0x85/0xa0[EOL][  +0.003839]  </IRQ>[EOL][  +0.002098]  <TASK>[EOL][  +0.002106]  asm_common_interrupt+0x26/0x40[EOL][  +0.004184] RIP: 0010:cpuidle_enter_state+0xd3/0x690[EOL][EOL]Fix this by performing the missing unmapping of XDP queues from[EOL]q_vectors and setting the XDP rings pointer back to NULL after all those[EOL]queues are released.[EOL]Also, add an immediate exit from the XDP callback in case of ring[EOL]preparation failure.

CREATE(Triage):(User=lchen-cn) [CVE-2025-38127 (https://nvd.nist.gov/vuln/detail/CVE-2025-38127)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube