CVE-2025-38439
- Source
- https://cve.org/CVERecord?id=CVE-2025-38439
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38439.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38439
- Downstream
- Related
- Published
- 2025-07-25T15:27:18.640Z
- Modified
- 2026-03-20T12:42:51.423955Z
- Summary
- bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bnxten: Set DMA unmap len correctly for XDPREDIRECT
When transmitting an XDPREDIRECT packet, call dmaunmaplenset() with the proper length instead of 0. This bug triggers this warning on a system with IOMMU enabled:
WARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommudmaunmap+0x159/0x170 RIP: 0010:__iommudmaunmap+0x159/0x170 Code: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45 b8 4c 89 45 c0 e9 77 ff ff ff <0f> 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00 RSP: 0018:ff22d31181150c88 EFLAGS: 00010206 RAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000 R10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000 R13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00 FS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0 PKRU: 55555554 Call Trace: <IRQ> ? show_regs+0x6d/0x80 ? __warn+0x89/0x160 ? __iommudmaunmap+0x159/0x170 ? reportbug+0x17e/0x1b0 ? handlebug+0x46/0x90 ? exc_invalidop+0x18/0x80 ? asmexcinvalidop+0x1b/0x20 ? __iommudmaunmap+0x159/0x170 ? __iommudmaunmap+0xb3/0x170 iommudmaunmappage+0x4f/0x100 dmaunmappageattrs+0x52/0x220 ? srsoaliasreturnthunk+0x5/0xfbef5 ? xdpreturnframe+0x2e/0xd0 bnxttxintxdp+0xdf/0x440 [bnxt_en] __bnxtpollworkdone+0x81/0x1e0 [bnxten] bnxtpoll+0xd3/0x1e0 [bnxten]
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38439.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/16ae306602163fcb7ae83f2701b542e43c100cee
- https://git.kernel.org/stable/c/3cdf199d4755d477972ee87110b2aebc88b3cfad
- https://git.kernel.org/stable/c/50dad9909715094e7d9ca25e9e0412b875987519
- https://git.kernel.org/stable/c/5909679a82cd74cf0343d9e3ddf4b6931aa7e613
- https://git.kernel.org/stable/c/8d672a1a6bfc81fef9151925c9c0481f4acf4bec
- https://git.kernel.org/stable/c/e260f4d49370c85a4701d43c6d16b8c39f8b605f
- https://git.kernel.org/stable/c/f154e41e1d9d15ab21300ba7bbf0ebb5cb3b9c2a
- https://git.kernel.org/stable/c/f9eaf6d036075dc820520e1194692c0619b7297b
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38439.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38439
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf18c2b77b2e4eec2313d519ba125bd6a069513cfFixede260f4d49370c85a4701d43c6d16b8c39f8b605fFixed16ae306602163fcb7ae83f2701b542e43c100ceeFixed8d672a1a6bfc81fef9151925c9c0481f4acf4becFixedf9eaf6d036075dc820520e1194692c0619b7297bFixed5909679a82cd74cf0343d9e3ddf4b6931aa7e613Fixedf154e41e1d9d15ab21300ba7bbf0ebb5cb3b9c2aFixed50dad9909715094e7d9ca25e9e0412b875987519Fixed3cdf199d4755d477972ee87110b2aebc88b3cfad