CVE-2025-21802

net: hns3: fix oops when unload drivers paralleling

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each
ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at
the time, because it removes all the ae_dev nodes, and it may cause
oops. But we can't simply use hnae3_common_lock for this. Because in the
process flow of pci_disable_sriov(), it will trigger the remove flow
of VF, which will also take hnae3_common_lock. To fixes it, introduce a new mutex to protect the unload process.

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops. But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock. To fixes it, introduce a new mutex to protect the unload process.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-02-27 CVE Published
2025-02-27 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/0dd8a25f355b4df2d41c08df1716340854c7d4c5	Vuln. Introduced
https://git.kernel.org/stable/c/b06ad258e01389ca3ff13bc180f3fcd6a608f1cd	Vuln. Introduced
https://git.kernel.org/stable/c/c4b64011e458aa2b246cd4e42012cfd83d2d9a5c	Vuln. Introduced
https://git.kernel.org/stable/c/d36b15e3e7b5937cb1f6ac590a85facc3a320642	Vuln. Introduced
https://git.kernel.org/stable/c/9b5a29f0acefa3eb1dbe2fa302b393eeff64d933	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/e876522659012ef2e73834a0b9f1cbe3f74d5fad	2025-02-21
https://git.kernel.org/stable/c/b5a8bc47aa0a4aa8bca5466dfa2d12dbb5b3cd0c	2025-02-08
https://git.kernel.org/stable/c/82736bb83fb0221319c85c2e9917d0189cd84e1e	2025-02-08
https://git.kernel.org/stable/c/cafe9a27e22736d4a01b3933e36225f9857c7988	2025-02-08
https://git.kernel.org/stable/c/92e5995773774a3e70257e9c95ea03518268bea5	2025-01-23

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.1.129 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.1.129"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.6.76 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.6.76"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.12.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.12.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.13.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.13.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.14-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.14-rc1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.19.214 Search vendor "Linux" for product "Linux Kernel" and version "4.19.214"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.4.156 Search vendor "Linux" for product "Linux Kernel" and version "5.4.156"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.10.76 Search vendor "Linux" for product "Linux Kernel" and version "5.10.76"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.14.15 Search vendor "Linux" for product "Linux Kernel" and version "5.14.15"		en		Affected