CVE-2025-40125
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-12

Last updated on: 2025-11-12

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx In __blk_mq_update_nr_hw_queues() the return value of blk_mq_sysfs_register_hctxs() is not checked. If sysfs creation for hctx fails, later changing the number of hw_queues or removing disk will trigger the following warning: kernfs: can not remove 'nr_tags', no directory WARNING: CPU: 2 PID: 637 at fs/kernfs/dir.c:1707 kernfs_remove_by_name_ns+0x13f/0x160 Call Trace: remove_files.isra.1+0x38/0xb0 sysfs_remove_group+0x4d/0x100 sysfs_remove_groups+0x31/0x60 __kobject_del+0x23/0xf0 kobject_del+0x17/0x40 blk_mq_unregister_hctx+0x5d/0x80 blk_mq_sysfs_unregister_hctxs+0x94/0xd0 blk_mq_update_nr_hw_queues+0x124/0x760 nullb_update_nr_hw_queues+0x71/0xf0 [null_blk] nullb_device_submit_queues_store+0x92/0x120 [null_blk] kobjct_del() was called unconditionally even if sysfs creation failed. Fix it by checkig the kobject creation statusbefore deleting it.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-12
Last Modified
2025-11-12
Generated
2026-05-07
AI Q&A
2025-11-13
EPSS Evaluated
2026-05-05
NVD
CVE-2025-40125
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Linux kernel occurs because the return value of blk_mq_sysfs_register_hctxs() is not checked in the function __blk_mq_update_nr_hw_queues(). If the creation of sysfs entries for hardware contexts (hctx) fails, the code later attempts to delete kobjects unconditionally, which can cause warnings and errors related to removing sysfs directories. The fix involves checking the kobject creation status before attempting to delete it, preventing these errors.


How can this vulnerability impact me? :

This vulnerability can cause kernel warnings and errors when the system tries to remove sysfs directories related to block device hardware queues. While it may not directly lead to a security breach, it can cause instability or unexpected behavior in the kernel's block device subsystem, potentially affecting system reliability or performance.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring the system logs for the specific warning message related to the blk-mq subsystem. Look for the warning: "kernfs: can not remove 'nr_tags', no directory" along with call traces involving blk_mq_unregister_hctx and related functions. You can use commands like `dmesg | grep 'kernfs: can not remove'` or `journalctl -k | grep 'kernfs: can not remove'` to find these warnings in kernel logs.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves updating the Linux kernel to a version where this vulnerability is fixed, as the issue is resolved by checking the kobject creation status before deleting it in blk_mq_unregister_hctx. Until an update is applied, monitoring for the warning messages and avoiding operations that change the number of hardware queues or remove disks that trigger this condition may reduce the risk of encountering the issue.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart