[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2025-40250":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":19,"modified_at":20,"state":9,"summary":21,"references_raw":23,"kevs":30,"epss":9,"epss_history":31,"metrics":32,"affected":33},"DEBIAN-CVE-2025-40250","In the Linux kernel, the following vulnerability has been resolved:  net/mlx5: Clean up only new IRQ glue on request_irq() failure  The mlx5_irq_alloc() function can inadvertently free the entire rmap and end up in a crash[1] when the other threads tries to access this, when request_irq() fails due to exhausted IRQ vectors. This commit modifies the cleanup to remove only the specific IRQ mapping that was just added.  This prevents removal of other valid mappings and ensures precise cleanup of the failed IRQ allocation's associated glue object.  Note: This error is observed when both fwctl and rds configs are enabled.  [1] mlx5_core 0000:05:00.0: Successfully registered panic handler for port 1 mlx5_core 0000:05:00.0: mlx5_irq_alloc:293:(pid 66740): Failed to request irq. err = -28 infiniband mlx5_0: mlx5_ib_test_wc:290:(pid 66740): Error -28 while trying to test write-combining support mlx5_core 0000:05:00.0: Successfully unregistered panic handler for port 1 mlx5_core 0000:06:00.0: Successfully registered panic handler for port 1 mlx5_core 0000:06:00.0: mlx5_irq_alloc:293:(pid 66740): Failed to request irq. err = -28 infiniband mlx5_0: mlx5_ib_test_wc:290:(pid 66740): Error -28 while trying to test write-combining support mlx5_core 0000:06:00.0: Successfully unregistered panic handler for port 1 mlx5_core 0000:03:00.0: mlx5_irq_alloc:293:(pid 28895): Failed to request irq. err = -28 mlx5_core 0000:05:00.0: mlx5_irq_alloc:293:(pid 28895): Failed to request irq. err = -28 general protection fault, probably for non-canonical address 0xe277a58fde16f291: 0000 [#1] SMP NOPTI  RIP: 0010:free_irq_cpu_rmap+0x23/0x7d Call Trace:    \u003CTASK>    ? show_trace_log_lvl+0x1d6/0x2f9    ? show_trace_log_lvl+0x1d6/0x2f9    ? mlx5_irq_alloc.cold+0x5d/0xf3 [mlx5_core]    ? __die_body.cold+0x8/0xa    ? die_addr+0x39/0x53    ? exc_general_protection+0x1c4/0x3e9    ? dev_vprintk_emit+0x5f/0x90    ? asm_exc_general_protection+0x22/0x27    ? free_irq_cpu_rmap+0x23/0x7d    mlx5_irq_alloc.cold+0x5d/0xf3 [mlx5_core]    irq_pool_request_vector+0x7d/0x90 [mlx5_core]    mlx5_irq_request+0x2e/0xe0 [mlx5_core]    mlx5_irq_request_vector+0xad/0xf7 [mlx5_core]    comp_irq_request_pci+0x64/0xf0 [mlx5_core]    create_comp_eq+0x71/0x385 [mlx5_core]    ? mlx5e_open_xdpsq+0x11c/0x230 [mlx5_core]    mlx5_comp_eqn_get+0x72/0x90 [mlx5_core]    ? xas_load+0x8/0x91    mlx5_comp_irqn_get+0x40/0x90 [mlx5_core]    mlx5e_open_channel+0x7d/0x3c7 [mlx5_core]    mlx5e_open_channels+0xad/0x250 [mlx5_core]    mlx5e_open_locked+0x3e/0x110 [mlx5_core]    mlx5e_open+0x23/0x70 [mlx5_core]    __dev_open+0xf1/0x1a5    __dev_change_flags+0x1e1/0x249    dev_change_flags+0x21/0x5c    do_setlink+0x28b/0xcc4    ? __nla_parse+0x22/0x3d    ? inet6_validate_link_af+0x6b/0x108    ? cpumask_next+0x1f/0x35    ? __snmp6_fill_stats64.constprop.0+0x66/0x107    ? __nla_validate_parse+0x48/0x1e6    __rtnl_newlink+0x5ff/0xa57    ? kmem_cache_alloc_trace+0x164/0x2ce    rtnl_newlink+0x44/0x6e    rtnetlink_rcv_msg+0x2bb/0x362    ? __netlink_sendskb+0x4c/0x6c    ? netlink_unicast+0x28f/0x2ce    ? rtnl_calcit.isra.0+0x150/0x146    netlink_rcv_skb+0x5f/0x112    netlink_unicast+0x213/0x2ce    netlink_sendmsg+0x24f/0x4d9    __sock_sendmsg+0x65/0x6a    ____sys_sendmsg+0x28f/0x2c9    ? import_iovec+0x17/0x2b    ___sys_sendmsg+0x97/0xe0    __sys_sendmsg+0x81/0xd8    do_syscall_64+0x35/0x87    entry_SYSCALL_64_after_hwframe+0x6e/0x0 RIP: 0033:0x7fc328603727 Code: c3 66 90 41 54 41 89 d4 55 48 89 f5 53 89 fb 48 83 ec 10 e8 0b ed ff ff 44 89 e2 48 89 ee 89 df 41 89 c0 b8 2e 00 00 00 0f 05 \u003C48> 3d 00 f0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 44 ed ff ff 48 RSP: 002b:00007ffe8eb3f1a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007fc328603727 RDX: 0000000000000000 RSI: 00007ffe8eb3f1f0 RDI: 000000000000000d RBP: 00007ffe8eb3f1f0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 R13: 00000000000 ---truncated---",null,[],[],[],[14],{"_key":15},"CVE-2025-40250",[],[],[],"2025-12-04T16:16:18.527Z","2026-04-28T20:30:09.326205Z",{"cisa_kev":22,"cisa_ransomware":22,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[24],{"url":25,"sources":26,"tags":28},"https://security-tracker.debian.org/tracker/CVE-2025-40250",[27],"osv_debian",[29],"Advisory",[],[],[],[34],{"ecosystem":35,"name":36,"vendor":37,"product":36,"cpe_part":9,"purl_type":38,"purl_namespace":37,"purl_name":36,"source":9,"versions":39},"Debian","linux","debian","deb",[40,46],{"version":41,"is_range":42,"range_type":43,"version_start":9,"version_start_type":9,"version_end":44,"version_end_type":45,"fixed_in":9},"lt6_12_63_1",true,"ecosystem","6.12.63-1","excluding",{"version":47,"is_range":42,"range_type":43,"version_start":9,"version_start_type":9,"version_end":48,"version_end_type":45,"fixed_in":9},"lt6_17_10_1","6.17.10-1"]