VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 12, 2025· Updated Apr 15, 2026

CVE-2025-40185

CVE-2025-40185

Description

In the Linux kernel, the following vulnerability has been resolved:

ice: ice_adapter: release xa entry on adapter allocation failure

When ice_adapter_new() fails, the reserved XArray entry created by xa_insert() is not released. This causes subsequent insertions at the same index to return -EBUSY, potentially leading to NULL pointer dereferences.

Reorder the operations as suggested by Przemek Kitszel: 1. Check if adapter already exists (xa_load) 2. Reserve the XArray slot (xa_reserve) 3. Allocate the adapter (ice_adapter_new) 4. Store the adapter (xa_store)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel's ice driver, a missing xa_entry release on adapter allocation failure can cause NULL pointer dereferences.

Vulnerability

In the Linux kernel's ice Ethernet driver, when the ice_adapter_new() function fails, the XArray entry reserved by xa_insert() is not released. This means subsequent attempts to insert an adapter at the same index return -EBUSY, which can lead to a NULL pointer dereference if the kernel assumes the insertion succeeded [1].

Exploitation

Exploitation requires local access to trigger the allocation failure path in ice_adapter_new(). An attacker would need to cause the driver to attempt adapter allocation repeatedly, causing the kernel to dereference a NULL pointer when it uses a stale or missing adapter structure.

Impact

A successful exploitation results in a denial of service (system crash) due to the NULL pointer dereference. The vulnerability does not provide privilege escalation or remote code execution.

Mitigation

The fix reorders the operations: first check if an adapter already exists (xa_load), then reserve the XArray slot (xa_reserve), allocate the adapter, and finally store it (xa_store). This ensures the XArray entry is only reserved after a successful allocation, preventing the leak [1]. The patch has been merged into the Linux kernel stable branches. Users should apply the latest kernel updates.

References
  1. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3

Patches

3
7b9269de9815
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
794abb265de3
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
2db687f3469d
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.