CVE-2025-38151
MEDIUMLinux Kernel - Denial of Service via RDMA cma_netevent_callback Work Queue Handling
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work The cited commit fixed a crash when cma_netevent_callback was called for a cma_id while work on that id from a previous call had not yet started. The work item was re-initialized in the second call, which corrupted the work item currently in the work queue. However, it left a problem when queue_work fails (because the item is still pending in the work queue from a previous call). In this case, cma_id_put (which is called in the work handler) is therefore not called. This results in a userspace process hang (zombie process). Fix this by calling cma_id_put() if queue_work fails.
References (6)
Core 6
Core References
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Scores
CVSS v3
5.5
EPSS
0.0009
EPSS Percentile
25.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (24)
debian/debian_linux
11.0
linux/Kernel
< 6.1.142linux
linux/Kernel
6.13.0 - 6.15.3linux
linux/Kernel
6.2.0 - 6.6.94linux
linux/Kernel
6.7.0 - 6.12.34linux
Linux/Linux
< 6.15
Linux/Linux
45f5dcdd049719fb999393b30679605f16ebce14 - 8b05aa3692e45b8249379dc52b14acc6a104d2e5
Linux/Linux
45f5dcdd049719fb999393b30679605f16ebce14 - 92a251c3df8ea1991cd9fe00f1ab0cfce18d7711
Linux/Linux
51003b2c872c63d28bcf5fbcc52cf7b05615f7b7 - 1ac40736c8c4255d8417b937c9715b193f4a87b3
Linux/Linux
6.1.135 - 6.1.142
... and 14 more
Published
Jul 03, 2025
Tracked Since
Feb 18, 2026