i40e Driver Vulnerability in Linux Kernel by Intel
CVE-2022-49725

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 February 2025

Summary

A race condition vulnerability exists in the i40e driver of the Linux kernel that can lead to system crashes. During the process of resetting the physical function (PF) and running diagnostic tests, insufficient timing between two calls to i40e_vsi_close might occur. If these two calls overlap, it can trigger a panic in the system. The issue arises when the diag_test operation is initiated before the prior reset operation has completed, causing the second i40e_vsi_close to execute prematurely. The recent fix implements a check to ensure that diagnostic tests do not commence if the PF is currently in a reset state, thereby preventing the race condition and system instability.

Affected Version(s)

Linux e17bc411aea8fbebc51857037f104ab09f765120 < 5ba9956ca57e361fb13ea369bb753eb33177acc7

Linux e17bc411aea8fbebc51857037f104ab09f765120 < 15950157e2c24865b696db1c9ccc72743ae0e967

Linux e17bc411aea8fbebc51857037f104ab09f765120

References

https://git.kernel.org/stable/c/5ba9956ca57e361fb13ea369b...

https://git.kernel.org/stable/c/15950157e2c24865b696db1c9...

https://git.kernel.org/stable/c/ff6e03fe84bc917bb0c907d02...

Timeline

Vulnerability published
Feb 26, 2025
Vulnerability Reserved
Feb 26, 2025