CVE-2025-40219
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-04

Last updated on: 2026-04-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd ("PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV") tried to fix a race between the VF removal inside sriov_del_vfs() and concurrent hot unplug by taking the PCI rescan/remove lock in sriov_del_vfs(). Similarly the PCI rescan/remove lock was also taken in sriov_add_vfs() to protect addition of VFs. This approach however causes deadlock on trying to remove PFs with SR-IOV enabled because PFs disable SR-IOV during removal and this removal happens under the PCI rescan/remove lock. So the original fix had to be reverted. Instead of taking the PCI rescan/remove lock in sriov_add_vfs() and sriov_del_vfs(), fix the race that occurs with SR-IOV enable and disable vs hotplug higher up in the callchain by taking the lock in sriov_numvfs_store() before calling into the driver's sriov_configure() callback.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-04
Last Modified
2026-04-03
Generated
2026-05-07
AI Q&A
2025-12-04
EPSS Evaluated
2026-05-05
NVD
CVE-2025-40219
EUVD
EUVD-2025-201184
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Linux kernel involves missing locking mechanisms when enabling or disabling SR-IOV (Single Root I/O Virtualization) on PCI devices. Specifically, the sriov_disable() function removes virtual functions (VFs) without proper synchronization using the pci_rescan_remove_lock, which can lead to race conditions such as double removal of devices and list corruption, especially on the s390 platform. The lack of locking means concurrent operations on PCI devices can interfere with each other, causing instability or crashes.


How can this vulnerability impact me? :

This vulnerability can cause system instability or crashes due to race conditions when removing or adding PCI virtual functions. On affected platforms like s390, it may lead to double removal of devices and corruption of internal kernel data structures, potentially resulting in kernel panics or other unpredictable behavior that could disrupt normal system operations.


What immediate steps should I take to mitigate this vulnerability?

Apply the updated Linux kernel patch that adds proper locking in sriov_disable() and sriov_add_vfs() functions to prevent race conditions during SR-IOV enable/disable operations. Avoid disabling SR-IOV on affected systems until the fix is applied to prevent potential device removal races and list corruption.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart