CVE-2025-21714

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the RDMA/mlx5 issue

Description A use-after-free issue has been identified in the Linux kernel, specifically in the RDMA/mlx5 component. This issue can cause a double queueing of implicit ODP mr destroy work, leading to a user-after-free error. The error occurs when the kernel attempts to invalidate an mr twice, resulting in a refcount t underflow. This issue can be triggered by queuing a MR work destroy twice, with the second work potentially executing after the MR has been freed due to the first work.

Recommendations For Linux kernel versions prior to the version that includes the fix for the RDMA/mlx5 issue, consider applying the patch that fixes the implicit ODP use after free issue to prevent the use-after-free error. As a temporary workaround, consider disabling the RDMA/mlx5 component until a patched version of the kernel is available.