DEBIAN-CVE-2025-39956

In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igcprobe() on LED setup error When igcledsetup() fails, igcprobe() fails and triggers kernel panic in freenetdev() since unregisternetdev() is not called. [1] This behavior can be tested using fault-injection framework, especially the failslab feature. [2] Since LED support is not mandatory, treat LED setup failures as non-fatal and continue probe with a warning message, consequently avoiding the kernel panic. [1] kernel BUG at net/core/dev.c:12047! Oops: invalid opcode: 0000 [#1] SMP NOPTI CPU: 0 UID: 0 PID: 937 Comm: repro-igc-led-e Not tainted 6.17.0-rc4-enjuk-tnguy-00865-gc4940196ab02 #64 PREEMPT(voluntary) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:freenetdev+0x278/0x2b0 [...] Call Trace: <TASK> igcprobe+0x370/0x910 localpciprobe+0x3a/0x80 pcideviceprobe+0xd1/0x200 [...] [2] #!/bin/bash -ex FAILSLABPATH=/sys/kernel/debug/failslab/ DEVICE=0000:00:05.0 STARTADDR=$(grep " igcledsetup" /proc/kallsyms \ | awk '{printf("0x%s", $1)}') ENDADDR=$(printf "0x%x" $((STARTADDR + 0x100))) echo $STARTADDR > $FAILSLABPATH/require-start echo $ENDADDR > $FAILSLABPATH/require-end echo 1 > $FAILSLABPATH/times echo 100 > $FAILSLABPATH/probability echo N > $FAILSLAB_PATH/ignore-gfp-wait echo $DEVICE > /sys/bus/pci/drivers/igc/bind