In the Linux kernel, the following vulnerability has been resolved:
benet: fix BUG when creating VFs
benet crashes as soon as SRIOV VFs are created:
kernel BUG at mm/vmalloc.c:3457! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 4 UID: 0 PID: 7408 Comm: test.sh Kdump: loaded Not tainted 6.16.0+ #1 PREEMPT(voluntary) [...] RIP: 0010:vunmap+0x5f/0x70 [...] Call Trace: <TASK> _iommudmafree+0xe8/0x1c0 becmdsetmaclist+0x3fe/0x640 [be2net] becmdsetmac+0xaf/0x110 [be2net] bevfethaddrconfig+0x19f/0x330 [be2net] bevfsetup+0x4f7/0x990 [be2net] bepcisriovconfigure+0x3a1/0x470 [be2net] sriovnumvfsstore+0x20b/0x380 kernfsfopwriteiter+0x354/0x530 vfswrite+0x9b9/0xf60 ksyswrite+0xf3/0x1d0 dosyscall64+0x8c/0x3d0
becmdsetmaclist() calls dmafreecoherent() under a spinlockbh. Fix it by freeing only after the lock has been released.
[ { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d5dc09ee5d74277bc47193fe28ce8703e229331b", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-07a22398" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a40f8af2ba1b9bdf46e2db10e8c9710538fbc63", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-1755310e" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@46d44a23a3723a89deeb65b13cddb17f8d9f2700", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-271bb5e3" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@975e73b9102d844a3dc3f091ad631c56145c8b4c", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-308313e1" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f80b34ebc579216407b128e9d155bfcae875c30f", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-328604a5" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f80b34ebc579216407b128e9d155bfcae875c30f", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-3d93e40c" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c377ba2be9430d165a98e4b782902ed630bc7546", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-4f131f7d" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@975e73b9102d844a3dc3f091ad631c56145c8b4c", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-5274b325" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c377ba2be9430d165a98e4b782902ed630bc7546", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-5429cfcc" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4e4e0c4bc4d799d6fa39055acdbc3af066cd13e", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-6989abce" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4e4e0c4bc4d799d6fa39055acdbc3af066cd13e", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-6cd5d130" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3697e37e012bbd2bb5a5b467689811ba097b2eff", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-7f60197b" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a40f8af2ba1b9bdf46e2db10e8c9710538fbc63", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-dac5112d" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@46d44a23a3723a89deeb65b13cddb17f8d9f2700", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-dd350220" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3697e37e012bbd2bb5a5b467689811ba097b2eff", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-e988be6e" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0ddfe8b127ef1149fddccb79db6e6eaba7738e7d", "signature_version": "v1", "target": { "function": "be_cmd_set_mac_list", "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "function_hash": "62204675836223300670833923271822042768", "length": 842.0 }, "id": "CVE-2025-38569-ee6ec4e5" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0ddfe8b127ef1149fddccb79db6e6eaba7738e7d", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-efb840c7" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d5dc09ee5d74277bc47193fe28ce8703e229331b", "signature_version": "v1", "target": { "file": "drivers/net/ethernet/emulex/benet/be_cmds.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "39263738001417507691723336177381557874", "139746697711539320951119113768956500201", "263508894086721623072793089497718144887", "265332115088601058514913738461922900140", "302705660551724986839019920479502729814" ] }, "id": "CVE-2025-38569-f6b78800" } ]