PT-2025-33780 · Linux+5 · Linux Kernel+5

Published

2025-07-06

·

Updated

2026-04-20

·

CVE-2025-38582

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The Linux kernel contains a flaw in the RDMA/hns subsystem where rsv qp may be double destroyed during an error condition. This occurs first in free mr init() and then in hns roce exit(). The issue is addressed by moving the call to free mr init() into hns roce v2 init(). A list deletion corruption was also observed, specifically LIST POISON1. The call trace indicates involvement of functions such as hns roce qp remove, hns roce v2 destroy qp common, hns roce v2 destroy qp, free mr exit, hns roce v2 exit, and hns roce exit.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Weakness Enumeration

CWE-415

Related Identifiers

BDU:2026-01563
CVE-2025-38582
ECHO-4229-E155-F967
OESA-2025-2118
OESA-2025-2119
OESA-2025-2120
OESA-2025-2121
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03272-1
SUSE-SU-2025:03290-1
SUSE-SU-2025:03301-1
SUSE-SU-2025:03382-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20653-1
SUSE-SU-2025:20669-1
SUSE-SU-2025:20739-1
SUSE-SU-2025:20756-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_03272-1
SUSE-SU-2025_03290-1
SUSE-SU-2025_03301-1
SUSE-SU-2025_03382-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7934-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu