CVE-2025-40164

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> usbnet: Fix using smp_processor_id() in preemptible code warnings<br /> <br /> Syzbot reported the following warning:<br /> <br /> BUG: using smp_processor_id() in preemptible [00000000] code: dhcpcd/2879<br /> caller is usbnet_skb_return+0x74/0x490 drivers/net/usb/usbnet.c:331<br /> CPU: 1 UID: 0 PID: 2879 Comm: dhcpcd Not tainted 6.15.0-rc4-syzkaller-00098-g615dca38c2ea #0 PREEMPT(voluntary)<br /> Call Trace:<br /> <br /> __dump_stack lib/dump_stack.c:94 [inline]<br /> dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120<br /> check_preemption_disabled+0xd0/0xe0 lib/smp_processor_id.c:49<br /> usbnet_skb_return+0x74/0x490 drivers/net/usb/usbnet.c:331<br /> usbnet_resume_rx+0x4b/0x170 drivers/net/usb/usbnet.c:708<br /> usbnet_change_mtu+0x1be/0x220 drivers/net/usb/usbnet.c:417<br /> __dev_set_mtu net/core/dev.c:9443 [inline]<br /> netif_set_mtu_ext+0x369/0x5c0 net/core/dev.c:9496<br /> netif_set_mtu+0xb0/0x160 net/core/dev.c:9520<br /> dev_set_mtu+0xae/0x170 net/core/dev_api.c:247<br /> dev_ifsioc+0xa31/0x18d0 net/core/dev_ioctl.c:572<br /> dev_ioctl+0x223/0x10e0 net/core/dev_ioctl.c:821<br /> sock_do_ioctl+0x19d/0x280 net/socket.c:1204<br /> sock_ioctl+0x42f/0x6a0 net/socket.c:1311<br /> vfs_ioctl fs/ioctl.c:51 [inline]<br /> __do_sys_ioctl fs/ioctl.c:906 [inline]<br /> __se_sys_ioctl fs/ioctl.c:892 [inline]<br /> __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892<br /> do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]<br /> do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94<br /> entry_SYSCALL_64_after_hwframe+0x77/0x7f<br /> <br /> For historical and portability reasons, the netif_rx() is usually<br /> run in the softirq or interrupt context, this commit therefore add<br /> local_bh_disable/enable() protection in the usbnet_resume_rx().