CVE-2025-38582
📋 TL;DR
This CVE describes a double-free vulnerability in the Linux kernel's RDMA (Remote Direct Memory Access) subsystem for Huawei hns hardware. The vulnerability occurs when error handling causes the rsv_qp resource to be destroyed twice, potentially leading to memory corruption and kernel panic. Systems using affected Linux kernel versions with RDMA/hns hardware support are vulnerable.
💻 Affected Systems
- Linux kernel with hns RDMA driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially allowing privilege escalation if combined with other vulnerabilities.
Likely Case
System instability, kernel crashes, or denial of service affecting RDMA functionality.
If Mitigated
Limited impact if RDMA is not used or if proper error handling prevents triggering the vulnerable code path.
🎯 Exploit Status
Exploitation requires triggering specific error conditions in RDMA initialization/cleanup flow. No known public exploits.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing fixes from git commits: 10b083dbba22be19baa848432b6f25aa68ab2db5, c6957b95ecc5b63c5a4bb4ecc28af326cf8f6dc8, dab173bae3303f074f063750a8dead2550d8c782, fc8b0f5b16bab2e032b4cfcd6218d5df3b80b2ea
Vendor Advisory: https://git.kernel.org/stable/c/10b083dbba22be19baa848432b6f25aa68ab2db5
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load new kernel. 3. Verify RDMA/hns functionality works correctly.
🔧 Temporary Workarounds
Disable RDMA/hns module
linuxPrevent loading of the vulnerable hns_roce_hw_v2 kernel module
echo 'blacklist hns_roce_hw_v2' >> /etc/modprobe.d/blacklist.conf
rmmod hns_roce_hw_v2
🧯 If You Can't Patch
- Disable RDMA functionality if not required
- Implement monitoring for kernel panic/crash events related to RDMA operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if hns_roce_hw_v2 module is loaded: lsmod | grep hns_roce_hw_v2Check Version:
uname -rVerify Fix Applied:
Check kernel version contains fix commits and test RDMA functionality without crashes📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- list_del corruption warnings
- hns_roce module error messages in dmesg
Network Indicators:
- RDMA connection failures
- Unexpected RDMA service interruptions
SIEM Query:
source="kernel" AND ("list_del corruption" OR "hns_roce" AND (panic OR error OR warning))