CVE-2025-38287

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38287

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38287.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-38287

Downstream

SUSE-SU-2025:02853-1

UBUNTU-CVE-2025-38287

USN-7769-1

USN-7769-2

USN-7769-3

USN-7770-1

USN-7771-1

USN-7789-1

USN-7789-2

Related

SUSE-SU-2025:02853-1

Published

2025-07-10T07:42:04Z

Modified

2025-10-16T01:49:23.416785Z

Summary

IB/cm: Drop lockdep assert and WARN when freeing old msg

Details

In the Linux kernel, the following vulnerability has been resolved:

IB/cm: Drop lockdep assert and WARN when freeing old msg

The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg(), which asserts that the lock is held and WARNs if the cmid's currently outstanding msg is different than the one being freed.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

1e5159219076ddb2e44338c667c83fd1bd43dfef

Fixed

fc096a0cd2017cb0aa1e7fb83131410af9283910

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

1e5159219076ddb2e44338c667c83fd1bd43dfef

Fixed

7590649ee7af381a9d1153143026dec124c5798e

Affected versions

v6.*

v6.12

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.15

v6.15-rc1

v6.15-rc2

v6.15-rc3

v6.15-rc4

v6.15-rc5

v6.15-rc6

v6.15-rc7

v6.15.1

v6.15.2

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.15.3