Wind River Support Network

HomeDefectsLIN1025-5861
Fixed

LIN1025-5861 : Security Advisory - linux - CVE-2025-40125

Created: Nov 12, 2025    Updated: Nov 25, 2025
Resolved Date: Nov 24, 2025
Found In Version: 10.25.33.1
Fix Version: 10.25.33.3
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx[EOL][EOL]In __blk_mq_update_nr_hw_queues() the return value of[EOL]blk_mq_sysfs_register_hctxs() is not checked. If sysfs creation for hctx[EOL]fails, later changing the number of hw_queues or removing disk will[EOL]trigger the following warning:[EOL][EOL]  kernfs: can not remove 'nr_tags', no directory[EOL]  WARNING: CPU: 2 PID: 637 at fs/kernfs/dir.c:1707 kernfs_remove_by_name_ns+0x13f/0x160[EOL]  Call Trace:[EOL]   remove_files.isra.1+0x38/0xb0[EOL]   sysfs_remove_group+0x4d/0x100[EOL]   sysfs_remove_groups+0x31/0x60[EOL]   __kobject_del+0x23/0xf0[EOL]   kobject_del+0x17/0x40[EOL]   blk_mq_unregister_hctx+0x5d/0x80[EOL]   blk_mq_sysfs_unregister_hctxs+0x94/0xd0[EOL]   blk_mq_update_nr_hw_queues+0x124/0x760[EOL]   nullb_update_nr_hw_queues+0x71/0xf0 [null_blk][EOL]   nullb_device_submit_queues_store+0x92/0x120 [null_blk][EOL][EOL]kobjct_del() was called unconditionally even if sysfs creation failed.[EOL]Fix it by checkig the kobject creation statusbefore deleting it.

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube