Linux Kernel Vulnerability in NVMe over Fibre Channel Interface
CVE-2025-40343

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
9 December 2025

What is CVE-2025-40343?

A vulnerability exists within the NVMe over Fibre Channel implementation of the Linux kernel. Specifically, improper handling during the shutdown of a port can lead to the scheduling of deletion actions for associations more than once. This issue arises when functions responsible for deleting controller associations inadvertently allow for double scheduling, which could lead to resource mismanagement. The flaw is due to inadequate tracking of associations during the deletion process, exacerbated by the absence of locking mechanisms due to the RCU list nature of the association list. A termination flag is necessary to manage the status of ongoing deletions effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux a07b4970f464f13640e28e16dad6cfa33647cc99 < 2f4852db87e25d4e226b25cb6f652fef9504360e

Linux a07b4970f464f13640e28e16dad6cfa33647cc99 < 85e2ce1920cb511d57aae59f0df6ff85b28bf04d

Linux a07b4970f464f13640e28e16dad6cfa33647cc99 < 601ed47b2363c24d948d7bac0c23abc8bd459570

References

https://git.kernel.org/stable/c/2f4852db87e25d4e226b25cb6...
https://git.kernel.org/stable/c/85e2ce1920cb511d57aae59f0...
https://git.kernel.org/stable/c/601ed47b2363c24d948d7bac0...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.