Fixed
Created: Jul 4, 2025
Updated: Jul 14, 2025
Resolved Date: Jul 10, 2025
Found In Version: 10.24.33.1
Fix Version: 10.24.33.11
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work[EOL][EOL]The cited commit fixed a crash when cma_netevent_callback was called for[EOL]a cma_id while work on that id from a previous call had not yet started.[EOL]The work item was re-initialized in the second call, which corrupted the[EOL]work item currently in the work queue.[EOL][EOL]However, it left a problem when queue_work fails (because the item is[EOL]still pending in the work queue from a previous call). In this case,[EOL]cma_id_put (which is called in the work handler) is therefore not[EOL]called. This results in a userspace process hang (zombie process).[EOL][EOL]Fix this by calling cma_id_put() if queue_work fails.
CREATE(Triage):(User=lchen-cn) [CVE-2025-38151 (https://nvd.nist.gov/vuln/detail/CVE-2025-38151)
