CVE-2025-37895
- Source
- https://cve.org/CVERecord?id=CVE-2025-37895
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37895.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-37895
- Downstream
- Published
- 2025-05-20T15:21:32.045Z
- Modified
- 2026-05-15T04:13:30.417644043Z
- Summary
- bnxt_en: Fix error handling path in bnxt_init_chip()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bnxten: Fix error handling path in bnxtinit_chip()
WARN_ON() is triggered in _flushwork() if bnxtinitchip() fails because we call cancelworksync() on dim work that has not been initialized.
WARNING: CPU: 37 PID: 5223 at kernel/workqueue.c:4201 _flushwork.isra.0+0x212/0x230
The driver relies on the BNXTSTATENAPIDISABLED bit to check if dim work has already been cancelled. But in the bnxtopen() path, BNXTSTATENAPIDISABLED is not set and this causes the error path to think that it needs to cancel the uninitalized dim work. Fix it by setting BNXTSTATENAPIDISABLED during initialization. The bit will be cleared when we enable NAPI and initialize dim work.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37895.json" }- References
-
- https://git.kernel.org/stable/c/21116727f452474502ee74f956d5e7466103e19b
- https://git.kernel.org/stable/c/9ab7a709c926c16b4433cf02d04fcbcf35aaab2b
- https://git.kernel.org/stable/c/e039b00ddbfeaa0dc59b8659be114f1a1b37c5bf
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37895.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-37895
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git