{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T06:59:34.706","vulnerabilities":[{"cve":{"id":"CVE-2025-38127","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-07-03T09:15:26.923","lastModified":"2025-11-20T21:32:54.540","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix Tx scheduler error handling in XDP callback\n\nWhen the XDP program is loaded, the XDP callback adds new Tx queues.\nThis means that the callback must update the Tx scheduler with the new\nqueue number. In the event of a Tx scheduler failure, the XDP callback\nshould also fail and roll back any changes previously made for XDP\npreparation.\n\nThe previous implementation had a bug that not all changes made by the\nXDP callback were rolled back. This caused the crash with the following\ncall trace:\n\n[  +9.549584] ice 0000:ca:00.0: Failed VSI LAN queue config for XDP, error: -5\n[  +0.382335] Oops: general protection fault, probably for non-canonical address 0x50a2250a90495525: 0000 [#1] SMP NOPTI\n[  +0.010710] CPU: 103 UID: 0 PID: 0 Comm: swapper/103 Not tainted 6.14.0-net-next-mar-31+ #14 PREEMPT(voluntary)\n[  +0.010175] Hardware name: Intel Corporation M50CYP2SBSTD/M50CYP2SBSTD, BIOS SE5C620.86B.01.01.0005.2202160810 02/16/2022\n[  +0.010946] RIP: 0010:__ice_update_sample+0x39/0xe0 [ice]\n\n[...]\n\n[  +0.002715] Call Trace:\n[  +0.002452]  <IRQ>\n[  +0.002021]  ? __die_body.cold+0x19/0x29\n[  +0.003922]  ? die_addr+0x3c/0x60\n[  +0.003319]  ? exc_general_protection+0x17c/0x400\n[  +0.004707]  ? asm_exc_general_protection+0x26/0x30\n[  +0.004879]  ? __ice_update_sample+0x39/0xe0 [ice]\n[  +0.004835]  ice_napi_poll+0x665/0x680 [ice]\n[  +0.004320]  __napi_poll+0x28/0x190\n[  +0.003500]  net_rx_action+0x198/0x360\n[  +0.003752]  ? update_rq_clock+0x39/0x220\n[  +0.004013]  handle_softirqs+0xf1/0x340\n[  +0.003840]  ? sched_clock_cpu+0xf/0x1f0\n[  +0.003925]  __irq_exit_rcu+0xc2/0xe0\n[  +0.003665]  common_interrupt+0x85/0xa0\n[  +0.003839]  </IRQ>\n[  +0.002098]  <TASK>\n[  +0.002106]  asm_common_interrupt+0x26/0x40\n[  +0.004184] RIP: 0010:cpuidle_enter_state+0xd3/0x690\n\nFix this by performing the missing unmapping of XDP queues from\nq_vectors and setting the XDP rings pointer back to NULL after all those\nqueues are released.\nAlso, add an immediate exit from the XDP callback in case of ring\npreparation failure."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: corrección del manejo de errores del programador de Tx en la devolución de llamada XDP. Al cargar el programa XDP, la devolución de llamada XDP añade nuevas colas de Tx. Esto significa que la devolución de llamada debe actualizar el programador de Tx con el nuevo número de cola. En caso de fallo del programador de Tx, la devolución de llamada XDP también debería fallar y revertir cualquier cambio realizado previamente para la preparación de XDP. La implementación anterior presentaba un error que impedía revertir todos los cambios realizados por la devolución de llamada XDP. Esto provocó el bloqueo con el siguiente seguimiento de llamada: [ +9.549584] ice 0000:ca:00.0: Failed VSI LAN queue config for XDP, error: -5 [ +0.382335] Oops: general protection fault, probably for non-canonical address 0x50a2250a90495525: 0000 [#1] SMP NOPTI [ +0.010710] CPU: 103 UID: 0 PID: 0 Comm: swapper/103 Not tainted 6.14.0-net-next-mar-31+ #14 PREEMPT(voluntary) [ +0.010175] Hardware name: Intel Corporation M50CYP2SBSTD/M50CYP2SBSTD, BIOS SE5C620.86B.01.01.0005.2202160810 02/16/2022 [ +0.010946] RIP: 0010:__ice_update_sample+0x39/0xe0 [ice] [...] [ +0.002715] Call Trace: [ +0.002452]  [ +0.002021] ? __die_body.cold+0x19/0x29 [ +0.003922] ? die_addr+0x3c/0x60 [ +0.003319] ? exc_general_protection+0x17c/0x400 [ +0.004707] ? asm_exc_general_protection+0x26/0x30 [ +0.004879] ? __ice_update_sample+0x39/0xe0 [ice] [ +0.004835] ice_napi_poll+0x665/0x680 [ice] [ +0.004320] __napi_poll+0x28/0x190 [ +0.003500] net_rx_action+0x198/0x360 [ +0.003752] ? update_rq_clock+0x39/0x220 [ +0.004013] handle_softirqs+0xf1/0x340 [ +0.003840] ? sched_clock_cpu+0xf/0x1f0 [ +0.003925] __irq_exit_rcu+0xc2/0xe0 [ +0.003665] common_interrupt+0x85/0xa0 [ +0.003839]  [ +0.002098]  [ +0.002106] asm_common_interrupt+0x26/0x40 [ +0.004184] RIP: 0010:cpuidle_enter_state+0xd3/0x690. Para solucionar este problema, realice la desasignación de colas XDP de q_vectors y restablezca el puntero de anillos XDP a NULL después de liberar todas esas colas. Además, añada una salida inmediata de la devolución de llamada XDP en caso de un fallo en la preparación del anillo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"6.6.94","matchCriteriaId":"9698FB8D-81AC-452A-A7BC-FEAF8047C4C6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.34","matchCriteriaId":"4FFA54AA-CDFE-4591-BD07-72813D0948F4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.15.3","matchCriteriaId":"0541C761-BD5E-4C1A-8432-83B375D7EB92"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0153f36041b8e52019ebfa8629c13bf8f9b0a951","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0e061abaad1498c5b76c10c594d4359ceb6b9145","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1d3c5d0dec6797eca3a861dab0816fa9505d9c3e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/276849954d7cbe6eec827b21fe2df43f9bf07011","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}