CVE-2025-38582

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38582
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38582.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-38582
Downstream
Related
Published
2025-08-19T17:15:35Z
Modified
2025-09-06T13:01:50Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/hns: Fix double destruction of rsv_qp

rsvqp may be double destroyed in error flow, first in freemrinit(), and then in hnsroceexit(). Fix it by moving the freemrinit() call into hnsrocev2init().

listdel corruption, ffff589732eb9b50->next is LISTPOISON1 (dead000000000100) WARNING: CPU: 8 PID: 1047115 at lib/listdebug.c:53 _listdelentryvalid+0x148/0x240 ... Call trace: _listdelentryvalid+0x148/0x240 hnsroceqpremove+0x4c/0x3f0 [hnsrocehwv2] hnsrocev2destroyqpcommon+0x1dc/0x5f4 [hnsrocehwv2] hnsrocev2destroyqp+0x22c/0x46c [hnsrocehwv2] freemrexit+0x6c/0x120 [hnsrocehwv2] hnsrocev2exit+0x170/0x200 [hnsrocehwv2] hnsroceexit+0x118/0x350 [hnsrocehwv2] _hnsrocehwv2initinstance+0x1c8/0x304 [hnsrocehwv2] hnsrocehwv2resetnotifyinit+0x170/0x21c [hnsrocehwv2] hnsrocehwv2resetnotify+0x6c/0x190 [hnsrocehwv2] hclgenotifyroceclient+0x6c/0x160 [hclge] hclgeresetrebuild+0x150/0x5c0 [hclge] hclgereset+0x10c/0x140 [hclge] hclgeresetsubtask+0x80/0x104 [hclge] hclgeresetservicetask+0x168/0x3ac [hclge] hclgeservicetask+0x50/0x100 [hclge] processonework+0x250/0x9a0 workerthread+0x324/0x990 kthread+0x190/0x210 retfromfork+0x10/0x18

References

Affected packages