VDB

DEBIAN-CVE-2025-40185

DEBIAN-CVE-2025-40185 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: ice: ice_adapter: release xa entry on adapter allocation failure When ice_adapter_new() fails, the reserved XArray entry created by xa_insert() is not released. This causes subsequent insertions at the same index to return -EBUSY, potentially leading to NULL pointer dereferences. Reorder the operations as suggested by Przemek Kitszel: 1. Check if adapter already exists (xa_load) 2. Reserve the XArray slot (xa_reserve) 3. Allocate the adapter (ice_adapter_new) 4. Store the adapter (xa_store)

Affected Products

VendorProductVersions
Debian:14linux0, 6.12.38-1, 6.12.41-1
Debian:13linux0, 6.12.38-1, 6.12.43-1~bpo12+1

Timeline

  • Nov 12, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›