Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-21802

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 27 Ρ„Π΅Π². 2025
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: nvd
CVSS3: 5.5
EPSS Низкий

ОписаниС

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: fix oops when unload drivers paralleling

When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops.

But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock.

To fixes it, introduce a new mutex to protect the unload process.

Бсылки

УязвимыС ΠΊΠΎΠ½Ρ„ΠΈΠ³ΡƒΡ€Π°Ρ†ΠΈΠΈ

ΠšΠΎΠ½Ρ„ΠΈΠ³ΡƒΡ€Π°Ρ†ΠΈΡ 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 4.19.214 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 4.20 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 5.4.156 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 5.5 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 5.10.76 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 5.10.235 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 5.14.15 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 5.15 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 5.15.1 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 5.15.179 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 5.16 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 6.1.129 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 6.2 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 6.6.76 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 6.7 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 6.12.13 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 6.13 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 6.13.2 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:*

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 12%
0.00041
Низкий

5.5 Medium

CVSS3

Π”Π΅Ρ„Π΅ΠΊΡ‚Ρ‹

NVD-CWE-noinfo

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-21802

CVSS3: 5.5
ubuntu
8 мСсяцСв Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops. But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock. To fixes it, introduce a new mutex to protect the unload process.

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-21802

CVSS3: 4.4
redhat
8 мСсяцСв Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops. But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock. To fixes it, introduce a new mutex to protect the unload process.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-21802

CVSS3: 5.5
debian
8 мСсяцСв Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: n ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-425c-353w-6mvg

CVSS3: 5.5
github
8 мСсяцСв Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops. But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock. To fixes it, introduce a new mutex to protect the unload process.

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2025-12055

CVSS3: 5.5
fstec
10 мСсяцСв Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½Ρ‚ΠΎΠ² ethernet/hisilicon/hns3 ядра ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½ΠΎΠΉ систСмы Linux, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 12%
0.00041
Низкий

5.5 Medium

CVSS3

Π”Π΅Ρ„Π΅ΠΊΡ‚Ρ‹

NVD-CWE-noinfo
Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2025-21802