Work Queue Management Issue in Linux Kernel Affects RDMA Components
CVE-2025-38151
What is CVE-2025-38151?
In a Linux kernel environment, a vulnerability exists within the RDMA (Remote Direct Memory Access) component that can lead to process hangs when the 'cma_netevent_callback' function encounters a failure in managing the work queue. When an attempt is made to queue a work item associated with a 'cma_id' that has not completed its prior operation, the system can inadvertently corrupt the current work item. If the queue function fails due to the work item being still pending, the critical procedure 'cma_id_put' is not executed, resulting in a zombie userspace process that remains unresponsive. This issue can severely disrupt normal operations, necessitating prompt attention to the kernel updates that address this flaw.
Affected Version(s)
Linux 51003b2c872c63d28bcf5fbcc52cf7b05615f7b7 < 1ac40736c8c4255d8417b937c9715b193f4a87b3
Linux c2b169fc7a12665d8a675c1ff14bca1b9c63fb9a
Linux d23fd7a539ac078df119707110686a5b226ee3bb < 02e45168e0fd6fdc6f8f7c42c4b500857aa5efb0