CVE-2025-38402

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> idpf: return 0 size for RSS key if not supported<br /> <br /> Returning -EOPNOTSUPP from function returning u32 is leading to<br /> cast and invalid size value as a result.<br /> <br /> -EOPNOTSUPP as a size probably will lead to allocation fail.<br /> <br /> Command: ethtool -x eth0<br /> It is visible on all devices that don&amp;#39;t have RSS caps set.<br /> <br /> [ 136.615917] Call Trace:<br /> [ 136.615921] <br /> [ 136.615927] ? __warn+0x89/0x130<br /> [ 136.615942] ? __alloc_frozen_pages_noprof+0x322/0x330<br /> [ 136.615953] ? report_bug+0x164/0x190<br /> [ 136.615968] ? handle_bug+0x58/0x90<br /> [ 136.615979] ? exc_invalid_op+0x17/0x70<br /> [ 136.615987] ? asm_exc_invalid_op+0x1a/0x20<br /> [ 136.616001] ? rss_prepare_get.constprop.0+0xb9/0x170<br /> [ 136.616016] ? __alloc_frozen_pages_noprof+0x322/0x330<br /> [ 136.616028] __alloc_pages_noprof+0xe/0x20<br /> [ 136.616038] ___kmalloc_large_node+0x80/0x110<br /> [ 136.616072] __kmalloc_large_node_noprof+0x1d/0xa0<br /> [ 136.616081] __kmalloc_noprof+0x32c/0x4c0<br /> [ 136.616098] ? rss_prepare_get.constprop.0+0xb9/0x170<br /> [ 136.616105] rss_prepare_get.constprop.0+0xb9/0x170<br /> [ 136.616114] ethnl_default_doit+0x107/0x3d0<br /> [ 136.616131] genl_family_rcv_msg_doit+0x100/0x160<br /> [ 136.616147] genl_rcv_msg+0x1b8/0x2c0<br /> [ 136.616156] ? __pfx_ethnl_default_doit+0x10/0x10<br /> [ 136.616168] ? __pfx_genl_rcv_msg+0x10/0x10<br /> [ 136.616176] netlink_rcv_skb+0x58/0x110<br /> [ 136.616186] genl_rcv+0x28/0x40<br /> [ 136.616195] netlink_unicast+0x19b/0x290<br /> [ 136.616206] netlink_sendmsg+0x222/0x490<br /> [ 136.616215] __sys_sendto+0x1fd/0x210<br /> [ 136.616233] __x64_sys_sendto+0x24/0x30<br /> [ 136.616242] do_syscall_64+0x82/0x160<br /> [ 136.616252] ? __sys_recvmsg+0x83/0xe0<br /> [ 136.616265] ? syscall_exit_to_user_mode+0x10/0x210<br /> [ 136.616275] ? do_syscall_64+0x8e/0x160<br /> [ 136.616282] ? __count_memcg_events+0xa1/0x130<br /> [ 136.616295] ? count_memcg_events.constprop.0+0x1a/0x30<br /> [ 136.616306] ? handle_mm_fault+0xae/0x2d0<br /> [ 136.616319] ? do_user_addr_fault+0x379/0x670<br /> [ 136.616328] ? clear_bhb_loop+0x45/0xa0<br /> [ 136.616340] ? clear_bhb_loop+0x45/0xa0<br /> [ 136.616349] ? clear_bhb_loop+0x45/0xa0<br /> [ 136.616359] entry_SYSCALL_64_after_hwframe+0x76/0x7e<br /> [ 136.616369] RIP: 0033:0x7fd30ba7b047<br /> [ 136.616376] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d bd d5 0c 00 00 41 89 ca 74 10 b8 2c 00 00 00 0f 05 3d 00 f0 ff ff 77 71 c3 55 48 83 ec 30 44 89 4c 24 2c 4c 89 44<br /> [ 136.616381] RSP: 002b:00007ffde1796d68 EFLAGS: 00000202 ORIG_RAX: 000000000000002c<br /> [ 136.616388] RAX: ffffffffffffffda RBX: 000055d7bd89f2a0 RCX: 00007fd30ba7b047<br /> [ 136.616392] RDX: 0000000000000028 RSI: 000055d7bd89f3b0 RDI: 0000000000000003<br /> [ 136.616396] RBP: 00007ffde1796e10 R08: 00007fd30bb4e200 R09: 000000000000000c<br /> [ 136.616399] R10: 0000000000000000 R11: 0000000000000202 R12: 000055d7bd89f340<br /> [ 136.616403] R13: 000055d7bd89f3b0 R14: 000055d78943f200 R15: 0000000000000000