What is the severity of CVE-2025-21662?

CVE-2025-21662 has not been assigned a severity score yet, but it addresses important functionality in command handling.

How do I fix CVE-2025-21662?

You can fix CVE-2025-21662 by updating to the latest version of the Linux Kernel that includes the patch.

Which versions of the Linux Kernel are affected by CVE-2025-21662?

Specific affected versions are not mentioned, but it is recommended to check the latest Linux Kernel updates for resolutions to this vulnerability.

What are the symptoms of CVE-2025-21662?

The main issue related to CVE-2025-21662 can lead to incomplete variable handling during command processing in the Linux Kernel.

Is CVE-2025-21662 being actively exploited?

There is no current public information indicating that CVE-2025-21662 is actively exploited in the wild.

Vulnerability/
CVE-2025-21662

EPSS

0.045%

21/1/2025

CVE-2025-21662: net/mlx5: Fix variable not being completed when function returns

First published: Tue Jan 21 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmd_alloc_index(), fails cmd_work_handler() needs to complete ent->slotted before returning early. Otherwise the task which issued the command may hang: mlx5_core 0000:01:00.0: cmd_work_handler:877:(pid 3880418): failed to allocate command entry INFO: task kworker/13:2:4055883 blocked for more than 120 seconds. Not tainted 4.19.90-25.44.v2101.ky10.aarch64 #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/13:2 D 0 4055883 2 0x00000228 Workqueue: events mlx5e_tx_dim_work [mlx5_core] Call trace: __switch_to+0xe8/0x150 __schedule+0x2a8/0x9b8 schedule+0x2c/0x88 schedule_timeout+0x204/0x478 wait_for_common+0x154/0x250 wait_for_completion+0x28/0x38 cmd_exec+0x7a0/0xa00 [mlx5_core] mlx5_cmd_exec+0x54/0x80 [mlx5_core] mlx5_core_modify_cq+0x6c/0x80 [mlx5_core] mlx5_core_modify_cq_moderation+0xa0/0xb8 [mlx5_core] mlx5e_tx_dim_work+0x54/0x68 [mlx5_core] process_one_work+0x1b0/0x448 worker_thread+0x54/0x468 kthread+0x134/0x138 ret_from_fork+0x10/0x18

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-21662?
CVE-2025-21662 has not been assigned a severity score yet, but it addresses important functionality in command handling.
How do I fix CVE-2025-21662?
You can fix CVE-2025-21662 by updating to the latest version of the Linux Kernel that includes the patch.
Which versions of the Linux Kernel are affected by CVE-2025-21662?
Specific affected versions are not mentioned, but it is recommended to check the latest Linux Kernel updates for resolutions to this vulnerability.
What are the symptoms of CVE-2025-21662?
The main issue related to CVE-2025-21662 can lead to incomplete variable handling during command processing in the Linux Kernel.
Is CVE-2025-21662 being actively exploited?
There is no current public information indicating that CVE-2025-21662 is actively exploited in the wild.

collector/mitre-cve
source/MITRE
agent/references
agent/title
agent/first-publish-date
agent/description
agent/type
collector/nvd-api
source/NVD
agent/last-modified-date
agent/author
agent/event
agent/source
collector/epss-latest
source/FIRST
agent/epss
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel