CVE-2025-40259
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/12/2025
Last modified:
04/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
scsi: sg: Do not sleep in atomic context<br />
<br />
sg_finish_rem_req() calls blk_rq_unmap_user(). The latter function may<br />
sleep. Hence, call sg_finish_rem_req() with interrupts enabled instead<br />
of disabled.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/11eeee00c94d770d4e45364060b5f1526dfe567b
- https://git.kernel.org/stable/c/6983d8375c040bb449d2187f4a57a20de01244fe
- https://git.kernel.org/stable/c/90449f2d1e1f020835cba5417234636937dd657e
- https://git.kernel.org/stable/c/b2c0340cfa25c5c1f65e8590cc1a2dc97d14ef0f
- https://git.kernel.org/stable/c/b343cee5df7e750d9033fba33e96fc4399fa88a5