CVE-2025-22010

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Apr 8, 2025
Updated: Apr 10, 2025
CWE ID 667

Summary

CVE-2025-22010 is a Linux kernel vulnerability that can cause a soft lockup while allocating large RDMA/hns buffers. The driver, hns_roce_hw_v2, runs a for-loop while allocating and mapping bt pages; for a large buffer the loop count becomes significant, and the loop can trigger a soft lockup, resulting in CPU freezes and system instability. The fix adds a cond_resched() call to the affected loops, using a 100GB MR as the threshold at which it is triggered so that normal buffer allocation performance is not affected.
