CVE-2025-40342

nvmefcunregisterremote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reconnect logic, because nvmefccreateassociation is not taking a lock to check the port_state and atomically increase the active count on the rport.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40342.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

e399441de9115cd472b8ace6c517708273ca7997

Fixed

de3d91af47bc015031e7721b100a29989f6498a5

Fixed

e8cde03de8674b05f2c5e0870729049eba517800

Fixed

4253e0a4546138a2bf9cb6acf66b32fee677fc7c

Fixed

25f4bf1f7979a7871974fd36c79d69ff1cf4b446

Fixed

9950af4303942081dc8c7a5fdc3688c17c7eb6c0

Fixed

a2f7fa75c4a2a07328fa22ccbef461db76790b55

Fixed

891cdbb162ccdb079cd5228ae43bdeebce8597ad

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40342.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.10.0

Fixed

5.10.247

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.197

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.159

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.117

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.58

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.8

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40342.json"