CVE-2025-40342
Published: Dec 9, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing port_state and rport state nvme_fc_unregister_remote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reconnect logic, because nvme_fc_create_association is not taking a lock to check the port_state and atomically increase the active count on the rport.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e399441de9115cd472b8ace6c517708273ca7997 - < de3d91af47bc015031e7721b100a29989f6498a5affected e399441de9115cd472b8ace6c517708273ca7997 - < e8cde03de8674b05f2c5e0870729049eba517800affected e399441de9115cd472b8ace6c517708273ca7997 - < 4253e0a4546138a2bf9cb6acf66b32fee677fc7caffected e399441de9115cd472b8ace6c517708273ca7997 - < 25f4bf1f7979a7871974fd36c79d69ff1cf4b446affected e399441de9115cd472b8ace6c517708273ca7997 - < 9950af4303942081dc8c7a5fdc3688c17c7eb6c0+2 more versions |
Linux | Linux | affected 4.10unaffected 0 - < 4.10unaffected 5.10.247 - <= 5.10.*unaffected 5.15.197 - <= 5.15.*unaffected 6.1.159 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now