CVE-2025-22010 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allocating bt pages and mapping them with buffer pages. When a large buffer (e.g. MR over 100GB) is being allocated, it may require a considerable loop count. This will lead to soft lockup: watchdog: BUG: soft lockup - CPU#27 stuck for 22s! ... Call trace: hem_list_alloc_mid_bt+0x124/0x394 [hns_roce_hw_v2] hns_roce_hem_list_request+0xf8/0x160 [hns_roce_hw_v2] hns_roce_mtr_create+0x2e4/0x360 [hns_roce_hw_v2] alloc_mr_pbl+0xd4/0x17c [hns_roce_hw_v2] hns_roce_reg_user_mr+0xf8/0x190 [hns_roce_hw_v2] ib_uverbs_reg_mr+0x118/0x290 watchdog: BUG: soft lockup - CPU#35 stuck for 23s! ... Call trace: hns_roce_hem_list_find_mtt+0x7c/0xb0 [hns_roce_hw_v2] mtr_map_bufs+0xc4/0x204 [hns_roce_hw_v2] hns_roce_mtr_create+0x31c/0x3c4 [hns_roce_hw_v2] alloc_mr_pbl+0xb0/0x160 [hns_roce_hw_v2] hns_roce_reg_user_mr+0x108/0x1c0 [hns_roce_hw_v2] ib_uverbs_reg_mr+0x120/0x2bc Add a cond_resched() to fix soft lockup during these loops. In order not to affect the allocation performance of normal-size buffer, set the loop count of a 100GB MR as the threshold to call cond_resched().

Reserved 2024-12-29 | Published 2025-04-08 | Updated 2025-05-04 | Assigner Linux

Product status

Default status

unaffected

38389eaa4db192648916464b60f6086d6bbaa6de before 461eb4ddede266df8f181f578732bb01742c3fd6

affected

38389eaa4db192648916464b60f6086d6bbaa6de before efe544462fc0b499725364f90bd0f8bbf16f861a

affected

38389eaa4db192648916464b60f6086d6bbaa6de before 4104b0023ff66b5df900d23dbf38310893deca79

affected

38389eaa4db192648916464b60f6086d6bbaa6de before 975355faba56c0751292ed15a90c3e2c7dc0aad6

affected

38389eaa4db192648916464b60f6086d6bbaa6de before 13a52f6c9ff99f7d88f81da535cb4e85eade662b

affected

38389eaa4db192648916464b60f6086d6bbaa6de before 9ab20fec7a1ce3057ad86afd27bfd08420b7cd11

affected

38389eaa4db192648916464b60f6086d6bbaa6de before 25655580136de59ec89f09089dd28008ea440fc9

affected

Default status

affected

5.3

affected

Any version before 5.3

unaffected

5.10.236

unaffected

5.15.180

unaffected

6.1.132

unaffected

6.6.85

unaffected

6.12.21

unaffected

6.13.9

unaffected

6.14

unaffected

References

git.kernel.org/...c/461eb4ddede266df8f181f578732bb01742c3fd6

git.kernel.org/...c/efe544462fc0b499725364f90bd0f8bbf16f861a

git.kernel.org/...c/4104b0023ff66b5df900d23dbf38310893deca79

git.kernel.org/...c/975355faba56c0751292ed15a90c3e2c7dc0aad6

git.kernel.org/...c/13a52f6c9ff99f7d88f81da535cb4e85eade662b

git.kernel.org/...c/9ab20fec7a1ce3057ad86afd27bfd08420b7cd11

git.kernel.org/...c/25655580136de59ec89f09089dd28008ea440fc9

cve.org (CVE-2025-22010)

nvd.nist.gov (CVE-2025-22010)

Download JSON