CVE-2025-39833

Source
https://cve.org/CVERecord?id=CVE-2025-39833
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39833.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-39833
Published
2025-09-16T13:08:50.192Z
Modified
2026-03-20T12:43:04.481130Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
mISDN: hfcpci: Fix warning when deleting uninitialized timer
Details

In the Linux kernel, the following vulnerability has been resolved:

mISDN: hfcpci: Fix warning when deleting uninitialized timer

With CONFIG_DEBUG_OBJECTS_TIMERS unloading hfcpci module leads to the following splat:

[ 250.215892] ODEBUG: assert_init not available (active state 0) object: ffffffffc01a3dc0 object type: timer_list hint: 0x0
[ 250.217520] WARNING: CPU: 0 PID: 233 at lib/debugobjects.c:612 debug_print_object+0x1b6/0x2c0
[ 250.218775] Modules linked in: hfcpci(-) mISDN_core
[ 250.219537] CPU: 0 UID: 0 PID: 233 Comm: rmmod Not tainted 6.17.0-rc2-g6f713187ac98 #2 PREEMPT(voluntary)
[ 250.220940] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 250.222377] RIP: 0010:debug_print_object+0x1b6/0x2c0
[ 250.223131] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 41 56 48 8b 14 dd a0 4e 01 9f 48 89 ee 48 c7 c7 20 46 01 9f e8 cb 84d
[ 250.225805] RSP: 0018:ffff888015ea7c08 EFLAGS: 00010286
[ 250.226608] RAX: 0000000000000000 RBX: 0000000000000005 RCX: ffffffff9be93a95
[ 250.227708] RDX: 1ffff1100d945138 RSI: 0000000000000008 RDI: ffff88806ca289c0
[ 250.228993] RBP: ffffffff9f014a00 R08: 0000000000000001 R09: ffffed1002bd4f39
[ 250.230043] R10: ffff888015ea79cf R11: 0000000000000001 R12: 0000000000000001
[ 250.231185] R13: ffffffff9eea0520 R14: 0000000000000000 R15: ffff888015ea7cc8
[ 250.232454] FS: 00007f3208f01540(0000) GS:ffff8880caf5a000(0000) knlGS:0000000000000000
[ 250.233851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 250.234856] CR2: 00007f32090a7421 CR3: 0000000004d63000 CR4: 00000000000006f0
[ 250.236117] Call Trace:
[ 250.236599] <TASK>
[ 250.236967] ? trace_irq_enable.constprop.0+0xd4/0x130
[ 250.237920] debug_object_assert_init+0x1f6/0x310
[ 250.238762] ? __pfx_debug_object_assert_init+0x10/0x10
[ 250.239658] ? __lock_acquire+0xdea/0x1c70
[ 250.240369] __try_to_del_timer_sync+0x69/0x140
[ 250.241172] ? __pfx___try_to_del_timer_sync+0x10/0x10
[ 250.242058] ? __timer_delete_sync+0xc6/0x120
[ 250.242842] ? lock_acquire+0x30/0x80
[ 250.243474] ? __timer_delete_sync+0xc6/0x120
[ 250.244262] __timer_delete_sync+0x98/0x120
[ 250.245015] HFC_cleanup+0x10/0x20 [hfcpci]
[ 250.245704] __do_sys_delete_module+0x348/0x510
[ 250.246461] ? __pfx___do_sys_delete_module+0x10/0x10
[ 250.247338] do_syscall_64+0xc1/0x360
[ 250.247924] entry_SYSCALL_64_after_hwframe+0x77/0x7f

Fix this by initializing hfc_tl timer with DEFINE_TIMER macro. Also, use mod_timer instead of manual timeout update.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39833.json",
    "cna_assigner": "Linux"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
87c5fa1bb42624254a2013cbbc3b170d6017f5d6
Fixed
43fc5da8133badf17f5df250ba03b9d882254845
Fixed
97766512a9951b9fd6fc97f1b93211642bb0b220

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39833.json"