CVE-2025-22092

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> PCI: Fix NULL dereference in SR-IOV VF creation error path<br /> <br /> Clean up when virtfn setup fails to prevent NULL pointer dereference<br /> during device removal. The kernel oops below occurred due to incorrect<br /> error handling flow when pci_setup_device() fails.<br /> <br /> Add pci_iov_scan_device(), which handles virtfn allocation and setup and<br /> cleans up if pci_setup_device() fails, so pci_iov_add_virtfn() doesn&amp;#39;t need<br /> to call pci_stop_and_remove_bus_device(). This prevents accessing<br /> partially initialized virtfn devices during removal.<br /> <br /> BUG: kernel NULL pointer dereference, address: 00000000000000d0<br /> RIP: 0010:device_del+0x3d/0x3d0<br /> Call Trace:<br /> pci_remove_bus_device+0x7c/0x100<br /> pci_iov_add_virtfn+0xfa/0x200<br /> sriov_enable+0x208/0x420<br /> mlx5_core_sriov_configure+0x6a/0x160 [mlx5_core]<br /> sriov_numvfs_store+0xae/0x1a0<br /> <br /> [bhelgaas: commit log, return ERR_PTR(-ENOMEM) directly]