N/A - CVE-2025-21888

Executive Summary

Informations
Name	CVE-2025-21888	First vendor Publication	2025-03-27
Vendor	Cve	Last vendor Modification	2025-03-27

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score	N/A	Attack Range	N/A
Cvss Impact Score	N/A	Attack Complexity	N/A
Cvss Expoit Score	N/A	Authentication	N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mlx5: Fix a WARN during dereg_mr for DM type

Memory regions (MR) of type DM (device memory) do not have an associated umem.

In the __mlx5_ib_dereg_mr() -> mlx5_free_priv_descs() flow, the code incorrectly takes the wrong branch, attempting to call dma_unmap_single() on a DMA address that is not mapped.

This results in a WARN [1], as shown below.

The issue is resolved by properly accounting for the DM type and ensuring the correct branch is selected in mlx5_free_priv_descs().

[1] WARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90 Modules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core CPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 RIP: 0010:iommu_dma_unmap_page+0x79/0x90 Code: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff <0f> 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00 RSP: 0018:ffffc90001913a10 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 RBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000 FS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? __warn+0x84/0x190 ? iommu_dma_unmap_page+0x79/0x90 ? report_bug+0xf8/0x1c0 ? handle_bug+0x55/0x90 ? exc_invalid_op+0x13/0x60 ? asm_exc_invalid_op+0x16/0x20 ? iommu_dma_unmap_page+0x79/0x90 dma_unmap_page_attrs+0xe6/0x290 mlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib] __mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib] ? _raw_spin_unlock_irq+0x24/0x40 ? wait_for_completion+0xfe/0x130 ? rdma_restrack_put+0x63/0xe0 [ib_core] ib_dereg_mr_user+0x5f/0x120 [ib_core] ? lock_release+0xc6/0x280 destroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs] uverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs] uobj_destroy+0x3f/0x70 [ib_uverbs] ib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs] ? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs] ? lock_acquire+0xc1/0x2f0 ? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs] ? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs] ? lock_release+0xc6/0x280 ib_uverbs_ioctl+0xe7/0x170 [ib_uverbs] ? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs] __x64_sys_ioctl+0x1b0/0xa70 do_syscall_64+0x6b/0x140 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f537adaf17b Code: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48 RSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b RDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003 RBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270 R10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190 R13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21888

Sources (Detail)

https://git.kernel.org/stable/c/0bd34bdd468e93a779c403de3cf7d43ee633b3e0
https://git.kernel.org/stable/c/abc7b3f1f056d69a8f11d6dceecc0c9549ace770
https://git.kernel.org/stable/c/f1298cad47ae29828c5c5be77e733ccfcaef6a7f

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2025-04-21 05:53:06	Multiple Updates
2025-04-21 05:52:40	Multiple Updates
2025-04-20 14:17:25	Multiple Updates
2025-04-20 14:17:11	Multiple Updates
2025-04-20 07:31:08	Multiple Updates
2025-04-20 07:30:49	Multiple Updates
2025-04-19 14:17:42	Multiple Updates
2025-04-19 14:17:27	Multiple Updates
2025-04-19 06:17:29	Multiple Updates
2025-04-19 06:17:15	Multiple Updates
2025-04-18 16:36:05	Multiple Updates
2025-04-18 16:35:52	Multiple Updates
2025-04-18 03:17:53	Multiple Updates
2025-04-18 03:17:37	Multiple Updates
2025-04-17 14:17:17	Multiple Updates
2025-04-17 14:17:03	Multiple Updates
2025-04-17 06:47:43	Multiple Updates
2025-04-17 06:47:26	Multiple Updates
2025-04-16 14:22:57	Multiple Updates
2025-04-16 14:22:43	Multiple Updates
2025-04-16 07:05:38	Multiple Updates
2025-04-16 07:05:23	Multiple Updates
2025-04-15 14:18:48	Multiple Updates
2025-04-15 14:18:33	Multiple Updates
2025-04-15 05:10:11	Multiple Updates
2025-04-15 05:09:57	Multiple Updates
2025-04-14 15:57:27	Multiple Updates
2025-04-14 15:57:14	Multiple Updates
2025-04-14 04:56:53	Multiple Updates
2025-04-14 04:56:05	Multiple Updates
2025-04-13 15:25:10	Multiple Updates
2025-04-13 15:24:56	Multiple Updates
2025-04-13 03:26:21	Multiple Updates
2025-04-13 03:26:06	Multiple Updates
2025-04-12 14:17:24	Multiple Updates
2025-04-12 14:17:11	Multiple Updates
2025-04-12 04:33:23	Multiple Updates
2025-04-12 04:32:58	Multiple Updates
2025-04-11 14:45:03	Multiple Updates
2025-04-11 14:44:49	Multiple Updates
2025-04-11 03:25:15	Multiple Updates
2025-04-11 03:25:01	Multiple Updates
2025-04-10 14:19:48	Multiple Updates
2025-04-10 14:19:34	Multiple Updates
2025-04-10 03:35:25	Multiple Updates
2025-04-10 03:35:09	Multiple Updates
2025-04-09 14:19:35	Multiple Updates
2025-04-09 14:19:21	Multiple Updates
2025-04-09 03:20:45	Multiple Updates
2025-04-09 03:20:32	Multiple Updates
2025-04-08 14:16:11	Multiple Updates
2025-04-08 14:15:58	Multiple Updates
2025-04-08 03:22:07	Multiple Updates
2025-04-08 03:21:53	Multiple Updates
2025-04-07 14:15:29	Multiple Updates
2025-04-07 14:15:15	Multiple Updates
2025-04-07 03:16:16	Multiple Updates
2025-04-07 03:16:02	Multiple Updates
2025-04-06 14:15:20	Multiple Updates
2025-04-06 14:15:06	Multiple Updates
2025-04-06 03:17:39	Multiple Updates
2025-04-06 03:17:25	Multiple Updates
2025-04-05 14:18:49	Multiple Updates
2025-04-05 14:18:35	Multiple Updates
2025-04-05 03:22:35	Multiple Updates
2025-04-05 03:22:21	Multiple Updates
2025-04-04 14:16:56	Multiple Updates
2025-04-04 14:16:42	Multiple Updates
2025-04-04 03:15:49	Multiple Updates
2025-04-04 03:15:35	Multiple Updates
2025-04-03 15:09:52	Multiple Updates
2025-04-03 15:09:32	Multiple Updates
2025-04-03 03:14:52	Multiple Updates
2025-04-03 03:14:38	Multiple Updates
2025-04-02 14:15:32	Multiple Updates
2025-04-02 14:15:19	Multiple Updates
2025-04-02 03:15:43	Multiple Updates
2025-04-02 03:15:30	Multiple Updates
2025-04-01 14:15:21	Multiple Updates
2025-04-01 14:15:07	Multiple Updates
2025-03-31 17:20:34	Multiple Updates
2025-03-27 17:20:56	First insertion