DMA Memory Corruption Vulnerability in Linux Kernel Related to bnxt_en Driver
CVE-2025-40330
What is CVE-2025-40330?
A vulnerability in the bnxt_en driver of the Linux kernel can lead to memory corruption due to improper management of DMA operations during the shutdown process. When bnxt_shutdown() calls netif_close(), packet DMA is halted, but firmware DMA related to trace logging may continue running. If the system is then kexec'd to a new kernel, this ongoing DMA can corrupt memory. To mitigate the risk, bnxt_hwrm_func_drv_unrgtr() has been added to unregister the driver from the firmware, with additional measures such as pcie_flr() to reset the function if unregistration fails.
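The ordering problem described above can be shown with a small userspace model. This is an added example, not code from the bnxt_en driver or the kernel: every name prefixed with model_ is hypothetical, and the buffer sizes and the 0xFF fill pattern are constructed for illustration.

```c
/* Userspace model of the shutdown ordering; constructed, not bnxt_en code. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#define MEM_SIZE 64
#define TRACE_LEN 8
struct model_nic {               /* hypothetical stand-in for the device */
    bool pkt_dma_on;             /* packet ring DMA */
    bool fw_trace_dma_on;        /* firmware trace-logging DMA */
    bool unregister_fails;       /* simulate firmware rejecting the request */
};

static unsigned char host_mem[MEM_SIZE];  /* memory the trace buffer lives in */
static void model_netif_close(struct model_nic *n) { n->pkt_dma_on = false; }

/* Models driver unregistration: 0 on success, nonzero on failure. */
static int model_drv_unregister(struct model_nic *n) {
    if (n->unregister_fails) return -1;
    n->fw_trace_dma_on = false;
    return 0;
}

/* Models a function-level reset: the function stops all DMA. */
static void model_flr(struct model_nic *n) { n->pkt_dma_on = n->fw_trace_dma_on = false; }
static void shutdown_before(struct model_nic *n) { model_netif_close(n); }

static void shutdown_after(struct model_nic *n) {
    model_netif_close(n);
    if (model_drv_unregister(n)) model_flr(n);  /* fallback when unregister fails */
}

/* Bytes of the next kernel's memory overwritten by the device after kexec. */
int corrupted_after_kexec(bool fixed, bool unregister_fails) {
    struct model_nic n = { true, true, unregister_fails };
    int bad = 0;
    if (fixed) shutdown_after(&n); else shutdown_before(&n);
    memset(host_mem, 0, MEM_SIZE);                 /* kexec: new kernel reuses the pages */
    if (n.fw_trace_dma_on) memset(host_mem, 0xFF, TRACE_LEN);  /* device still writing */
    for (int i = 0; i < MEM_SIZE; i++) bad += (host_mem[i] != 0);
    return bad;
}

int main(void) {
    printf("before fix: %d bytes corrupted\n", corrupted_after_kexec(false, false));
    printf("after fix:  %d bytes corrupted\n", corrupted_after_kexec(true, false));
    printf("after fix, unregister fails: %d bytes corrupted\n", corrupted_after_kexec(true, true));
    return 0;
}
```

In the model, stopping packet DMA alone leaves the trace writer active across the kexec boundary, while the unregister step or the reset fallback leaves the new kernel's memory untouched.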
Affected Version(s)
Linux 24d694aec139e9e0a31c60993db79bd8ad575afe < 1a8a15c3f71d1199d510ccba4bc201cbd2204048
Linux 24d694aec139e9e0a31c60993db79bd8ad575afe
Linux 6.13