| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025120433-CVE-2025-40259-86e9@gregkh> Date: Thu, 4 Dec 2025 16:57:40 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-40259: scsi: sg: Do not sleep in atomic context From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Do not sleep in atomic context sg_finish_rem_req() calls blk_rq_unmap_user(). The latter function may sleep. Hence, call sg_finish_rem_req() with interrupts enabled instead of disabled. The Linux kernel CVE team has assigned CVE-2025-40259 to this issue. Affected and fixed versions =========================== Issue introduced in 4.12 with commit 97d27b0dd015e980ade63fda111fd1353276e28b and fixed in 5.4.302 with commit 11eeee00c94d770d4e45364060b5f1526dfe567b Issue introduced in 4.12 with commit 97d27b0dd015e980ade63fda111fd1353276e28b and fixed in 6.6.118 with commit b343cee5df7e750d9033fba33e96fc4399fa88a5 Issue introduced in 4.12 with commit 97d27b0dd015e980ade63fda111fd1353276e28b and fixed in 6.12.60 with commit b2c0340cfa25c5c1f65e8590cc1a2dc97d14ef0f Issue introduced in 4.12 with commit 97d27b0dd015e980ade63fda111fd1353276e28b and fixed in 6.17.10 with commit 6983d8375c040bb449d2187f4a57a20de01244fe Issue introduced in 4.12 with commit 97d27b0dd015e980ade63fda111fd1353276e28b and fixed in 6.18 with commit 90449f2d1e1f020835cba5417234636937dd657e Issue introduced in 3.16.85 with commit 8d1f3b474a89b42f957ba3bae959dd3cd16531ca Issue introduced in 3.18.101 with commit fa55ef3f803fc7c20be0ab809e6278c31febd875 Issue introduced in 4.1.52 with commit 6af37613289cfd32516ada47e444b48a638829c8 Issue introduced in 4.4.123 with commit 4a8e8e0af9a520a685e0ab2d489327d5220d7ce2 Issue introduced in 4.9.89 with commit ae9b6ae2e77947534e255903627cc62746ea77e2 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-40259 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/scsi/sg.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/11eeee00c94d770d4e45364060b5f1526dfe567b https://git.kernel.org/stable/c/b343cee5df7e750d9033fba33e96fc4399fa88a5 https://git.kernel.org/stable/c/b2c0340cfa25c5c1f65e8590cc1a2dc97d14ef0f https://git.kernel.org/stable/c/6983d8375c040bb449d2187f4a57a20de01244fe https://git.kernel.org/stable/c/90449f2d1e1f020835cba5417234636937dd657e
Powered by blists - more mailing lists