fkie_cve-2025-22105
Vulnerability from fkie_nvd
Published
2025-04-16 15:16
Modified
2025-04-17 20:22
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning[1]: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj af_xdp_kern.o sec xdp ip netns exec ns1 ip link set bond0 type bond mode broadcast ip netns del ns1 When delete the namespace, dev_xdp_uninstall() is called to remove xdp program on bond dev, and bond_xdp_set() will check the bond mode. If bond mode is changed after attaching xdp program, the warning may occur. Some bond modes (broadcast, etc.) do not support native xdp. Set bond mode with xdp program attached is not good. Add check for xdp program when set bond mode. [1] ------------[ cut here ]------------ WARNING: CPU: 0 PID: 11 at net/core/dev.c:9912 unregister_netdevice_many_notify+0x8d9/0x930 Modules linked in: CPU: 0 UID: 0 PID: 11 Comm: kworker/u4:0 Not tainted 6.14.0-rc4 #107 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014 Workqueue: netns cleanup_net RIP: 0010:unregister_netdevice_many_notify+0x8d9/0x930 Code: 00 00 48 c7 c6 6f e3 a2 82 48 c7 c7 d0 b3 96 82 e8 9c 10 3e ... RSP: 0018:ffffc90000063d80 EFLAGS: 00000282 RAX: 00000000ffffffa1 RBX: ffff888004959000 RCX: 00000000ffffdfff RDX: 0000000000000000 RSI: 00000000ffffffea RDI: ffffc90000063b48 RBP: ffffc90000063e28 R08: ffffffff82d39b28 R09: 0000000000009ffb R10: 0000000000000175 R11: ffffffff82d09b40 R12: ffff8880049598e8 R13: 0000000000000001 R14: dead000000000100 R15: ffffc90000045000 FS: 0000000000000000(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000d406b60 CR3: 000000000483e000 CR4: 00000000000006f0 Call Trace: <TASK> ? __warn+0x83/0x130 ? unregister_netdevice_many_notify+0x8d9/0x930 ? report_bug+0x18e/0x1a0 ? handle_bug+0x54/0x90 ? exc_invalid_op+0x18/0x70 ? asm_exc_invalid_op+0x1a/0x20 ? unregister_netdevice_many_notify+0x8d9/0x930 ? bond_net_exit_batch_rtnl+0x5c/0x90 cleanup_net+0x237/0x3d0 process_one_work+0x163/0x390 worker_thread+0x293/0x3b0 ? __pfx_worker_thread+0x10/0x10 kthread+0xec/0x1e0 ? __pfx_kthread+0x10/0x10 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2f/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 </TASK> ---[ end trace 0000000000000000 ]---
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/094ee6017ea09c11d6af187935a949df32803ce0
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0dd4fac43bdea23cfe4bb2a3eabb76d752ac32fb
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: check xdp prog when set bond mode\n\nFollowing operations can trigger a warning[1]:\n\n    ip netns add ns1\n    ip netns exec ns1 ip link add bond0 type bond mode balance-rr\n    ip netns exec ns1 ip link set dev bond0 xdp obj af_xdp_kern.o sec xdp\n    ip netns exec ns1 ip link set bond0 type bond mode broadcast\n    ip netns del ns1\n\nWhen delete the namespace, dev_xdp_uninstall() is called to remove xdp\nprogram on bond dev, and bond_xdp_set() will check the bond mode. If bond\nmode is changed after attaching xdp program, the warning may occur.\n\nSome bond modes (broadcast, etc.) do not support native xdp. Set bond mode\nwith xdp program attached is not good. Add check for xdp program when set\nbond mode.\n\n    [1]\n    ------------[ cut here ]------------\n    WARNING: CPU: 0 PID: 11 at net/core/dev.c:9912 unregister_netdevice_many_notify+0x8d9/0x930\n    Modules linked in:\n    CPU: 0 UID: 0 PID: 11 Comm: kworker/u4:0 Not tainted 6.14.0-rc4 #107\n    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\n    Workqueue: netns cleanup_net\n    RIP: 0010:unregister_netdevice_many_notify+0x8d9/0x930\n    Code: 00 00 48 c7 c6 6f e3 a2 82 48 c7 c7 d0 b3 96 82 e8 9c 10 3e ...\n    RSP: 0018:ffffc90000063d80 EFLAGS: 00000282\n    RAX: 00000000ffffffa1 RBX: ffff888004959000 RCX: 00000000ffffdfff\n    RDX: 0000000000000000 RSI: 00000000ffffffea RDI: ffffc90000063b48\n    RBP: ffffc90000063e28 R08: ffffffff82d39b28 R09: 0000000000009ffb\n    R10: 0000000000000175 R11: ffffffff82d09b40 R12: ffff8880049598e8\n    R13: 0000000000000001 R14: dead000000000100 R15: ffffc90000045000\n    FS:  0000000000000000(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000\n    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n    CR2: 000000000d406b60 CR3: 000000000483e000 CR4: 00000000000006f0\n    Call Trace:\n     \u003cTASK\u003e\n     ? __warn+0x83/0x130\n     ? unregister_netdevice_many_notify+0x8d9/0x930\n     ? report_bug+0x18e/0x1a0\n     ? handle_bug+0x54/0x90\n     ? exc_invalid_op+0x18/0x70\n     ? asm_exc_invalid_op+0x1a/0x20\n     ? unregister_netdevice_many_notify+0x8d9/0x930\n     ? bond_net_exit_batch_rtnl+0x5c/0x90\n     cleanup_net+0x237/0x3d0\n     process_one_work+0x163/0x390\n     worker_thread+0x293/0x3b0\n     ? __pfx_worker_thread+0x10/0x10\n     kthread+0xec/0x1e0\n     ? __pfx_kthread+0x10/0x10\n     ? __pfx_kthread+0x10/0x10\n     ret_from_fork+0x2f/0x50\n     ? __pfx_kthread+0x10/0x10\n     ret_from_fork_asm+0x1a/0x30\n     \u003c/TASK\u003e\n    ---[ end trace 0000000000000000 ]---"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bonding: check xdp prog when set bond mode Las siguientes operaciones pueden activar una advertencia[1]: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj af_xdp_kern.o sec xdp ip netns exec ns1 ip link set bond0 type bond mode broadcast ip netns del ns1 Cuando se elimina el espacio de nombres, se llama a dev_xdp_uninstall() para eliminar el programa xdp en bond dev, y bond_xdp_set() comprobar\u00e1 el modo bond. Si se cambia el modo bond despu\u00e9s de adjuntar el programa xdp, puede aparecer la advertencia. Algunos modos de enlace (broadcast, etc.) no admiten xdp nativo. Establecer el modo bond con el programa xdp adjunto no es bueno. Agregar verificaci\u00f3n para el programa xdp cuando se establece el modo de enlace. [1] ------------[ cortar aqu\u00ed ]------------ ADVERTENCIA: CPU: 0 PID: 11 en net/core/dev.c:9912 unregister_netdevice_many_notify+0x8d9/0x930 M\u00f3dulos vinculados: CPU: 0 UID: 0 PID: 11 Comm: kworker/u4:0 No contaminado 6.14.0-rc4 #107 Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014 Cola de trabajo: netns cleanup_net RIP: 0010:unregister_netdevice_many_notify+0x8d9/0x930 C\u00f3digo: 00 00 48 c7 c6 6f e3 a2 82 48 c7 c7 d0 b3 96 82 e8 9c 10 3e ... RSP: 0018:ffffc90000063d80 EFLAGS: 00000282 RAX: 00000000ffffffa1 RBX: ffff888004959000 RCX: 00000000ffffdfff RDX: 0000000000000000 RSI: 00000000ffffffea RDI: ffffc90000063b48 RBP: ffffc90000063e28 R08: ffffffff82d39b28 R09: 000000000009ffb R10: 0000000000000175 R11: ffffffff82d09b40 R12: ffff8880049598e8 R13: 0000000000000001 R14: muerto000000000100 R15: ffffc90000045000 FS: 000000000000000(0000) GS:ffff888007a00000(0000) knlGS:000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000d406b60 CR3: 000000000483e000 CR4: 00000000000006f0 Rastreo de llamadas:  ? __warn+0x83/0x130 ? unregister_netdevice_many_notify+0x8d9/0x930 ? report_bug+0x18e/0x1a0 ? handle_bug+0x54/0x90 ? exc_invalid_op+0x18/0x70 ? asm_exc_invalid_op+0x1a/0x20 ? unregister_netdevice_many_notify+0x8d9/0x930 ? lote_de_salida_de_red_de_bono_rtnl+0x5c/0x90 red_de_limpieza+0x237/0x3d0 trabajo_uno_del_proceso+0x163/0x390 subproceso_de_trabajo+0x293/0x3b0 ? __pfx_subproceso_de_trabajo+0x10/0x10 subproceso_de_trabajo+0xec/0x1e0 ? __pfx_subproceso_de_trabajo+0x10/0x10 ? __pfx_subproceso_de_trabajo+0x10/0x10 ret_de_bifurcaci\u00f3n+0x2f/0x50 ? __pfx_subproceso_de_trabajo+0x10/0x10 ret_de_bifurcaci\u00f3n_asm+0x1a/0x30  ---[ fin de seguimiento 0000000000000000 ]---"
    }
  ],
  "id": "CVE-2025-22105",
  "lastModified": "2025-04-17T20:22:16.240",
  "metrics": {},
  "published": "2025-04-16T15:16:04.827",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/094ee6017ea09c11d6af187935a949df32803ce0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/0dd4fac43bdea23cfe4bb2a3eabb76d752ac32fb"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.