CVE-2025-38439
published 2025-07-25CVE-2025-38439: In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT When transmitting an XDP_REDIRECT…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT
When transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()
with the proper length instead of 0. This bug triggers this warning
on a system with IOMMU enabled:
WARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170
RIP: 0010:__iommu_dma_unmap+0x159/0x170
Code: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45
b8 4c 89 45 c0 e9 77 ff ff ff 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00
RSP: 0018:ff22d31181150c88 EFLAGS: 00010206
RAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000
R10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000
R13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00
FS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0
PKRU: 55555554
Call Trace:
? show_regs+0x6d/0x80
? __warn+0x89/0x160
? __iommu_dma_unmap+0x159/0x170
? report_bug+0x17e/0x1b0
? handle_bug+0x46/0x90
? exc_invalid_op+0x18/0x80
? asm_exc_invalid_op+0x1b/0x20
? __iommu_dma_unmap+0x159/0x170
? __iommu_dma_unmap+0xb3/0x170
iommu_dma_unmap_page+0x4f/0x100
dma_unmap_page_attrs+0x52/0x220
? srso_alias_return_thunk+0x5/0xfbef5
? xdp_return_frame+0x2e/0xd0
bnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]
__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]
bnxt_poll+0xd3/0x1e0 [bnxt_en]
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= f18c2b77b2e4eec2313d519ba125bd6a069513cf < e260f4d49370c85a4701d43c6d16b8c39f8b605f | e260f4d49370c85a4701d43c6d16b8c39f8b605f |
| linux | linux | >= f18c2b77b2e4eec2313d519ba125bd6a069513cf < 16ae306602163fcb7ae83f2701b542e43c100cee | 16ae306602163fcb7ae83f2701b542e43c100cee |
| linux | linux | >= f18c2b77b2e4eec2313d519ba125bd6a069513cf < 8d672a1a6bfc81fef9151925c9c0481f4acf4bec | 8d672a1a6bfc81fef9151925c9c0481f4acf4bec |
| linux | linux | >= f18c2b77b2e4eec2313d519ba125bd6a069513cf < f9eaf6d036075dc820520e1194692c0619b7297b | f9eaf6d036075dc820520e1194692c0619b7297b |
| linux | linux | >= f18c2b77b2e4eec2313d519ba125bd6a069513cf < 5909679a82cd74cf0343d9e3ddf4b6931aa7e613 | 5909679a82cd74cf0343d9e3ddf4b6931aa7e613 |
| linux | linux | >= f18c2b77b2e4eec2313d519ba125bd6a069513cf < f154e41e1d9d15ab21300ba7bbf0ebb5cb3b9c2a | f154e41e1d9d15ab21300ba7bbf0ebb5cb3b9c2a |
| linux | linux | >= f18c2b77b2e4eec2313d519ba125bd6a069513cf < 50dad9909715094e7d9ca25e9e0412b875987519 | 50dad9909715094e7d9ca25e9e0412b875987519 |
| linux | linux | >= f18c2b77b2e4eec2313d519ba125bd6a069513cf < 3cdf199d4755d477972ee87110b2aebc88b3cfad | 3cdf199d4755d477972ee87110b2aebc88b3cfad |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.41-1 | 6.12.41-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 5.15.0-156.166 | 5.15.0-156.166 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 5.11 < 5.15.189 | 5.15.189 |
| linux | linux_kernel | >= 5.16 < 6.1.146 | 6.1.146 |
| linux | linux_kernel | >= 5.3 < 5.4.296 | 5.4.296 |
| linux | linux_kernel | >= 5.5 < 5.10.240 | 5.10.240 |
| linux | linux_kernel | >= 6.13 < 6.15.7 | 6.15.7 |
| linux | linux_kernel | >= 6.2 < 6.6.99 | 6.6.99 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM