Linux Kernel IRQ Mapping Flaw in mlx5 Drivers
CVE-2025-40250
What is CVE-2025-40250?
A flaw in the Linux kernel's mlx5 IRQ allocation can lead to crashes due to improper cleanup during IRQ mapping failures. Specifically, when 'request_irq()' encounters exhausted IRQ vectors, the mlx5_irq_alloc() function erroneously frees the entire resource mapping instead of only the newly added one. This mismanagement risks invalidating other existing IRQ mappings, potentially causing system instability when subsequent access attempts are made by different threads. This vulnerability is triggered under specific configurations, highlighting the importance of precise cleanup processes in driver development. Effective remediation may involve updates to the IRQ allocation logic to ensure only the erroneous mappings are affected.
Affected Version(s)
Linux 3354822cde5a9f72aa725b3c619188b149a71a33 < 69e043bce09c9a77e5f55b9ac7505874a2a1a9f0
Linux 3354822cde5a9f72aa725b3c619188b149a71a33 < 6ebd02cf2dde11b86f89ea4c9f55179eab30d4ee
Linux 3354822cde5a9f72aa725b3c619188b149a71a33 < 4d6b4bea8b80bfa13c903ba547538249e7c5e977