{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-40164","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.176Z","datePublished":"2025-11-12T10:26:23.482Z","dateUpdated":"2026-05-11T21:43:58.825Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:43:58.825Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: Fix using smp_processor_id() in preemptible code warnings\n\nSyzbot reported the following warning:\n\nBUG: using smp_processor_id() in preemptible [00000000] code: dhcpcd/2879\ncaller is usbnet_skb_return+0x74/0x490 drivers/net/usb/usbnet.c:331\nCPU: 1 UID: 0 PID: 2879 Comm: dhcpcd Not tainted 6.15.0-rc4-syzkaller-00098-g615dca38c2ea #0 PREEMPT(voluntary)\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120\n check_preemption_disabled+0xd0/0xe0 lib/smp_processor_id.c:49\n usbnet_skb_return+0x74/0x490 drivers/net/usb/usbnet.c:331\n usbnet_resume_rx+0x4b/0x170 drivers/net/usb/usbnet.c:708\n usbnet_change_mtu+0x1be/0x220 drivers/net/usb/usbnet.c:417\n __dev_set_mtu net/core/dev.c:9443 [inline]\n netif_set_mtu_ext+0x369/0x5c0 net/core/dev.c:9496\n netif_set_mtu+0xb0/0x160 net/core/dev.c:9520\n dev_set_mtu+0xae/0x170 net/core/dev_api.c:247\n dev_ifsioc+0xa31/0x18d0 net/core/dev_ioctl.c:572\n dev_ioctl+0x223/0x10e0 net/core/dev_ioctl.c:821\n sock_do_ioctl+0x19d/0x280 net/socket.c:1204\n sock_ioctl+0x42f/0x6a0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFor historical and portability reasons, the netif_rx() is usually\nrun in the softirq or interrupt context, this commit therefore add\nlocal_bh_disable/enable() protection in the usbnet_resume_rx()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/usb/usbnet.c"],"versions":[{"version":"43daa96b166c3cf5ff30dfac0c5efa2620e4beab","lessThan":"65d04291adf7c59338f87aab9c6fe0bfa9993e64","status":"affected","versionType":"git"},{"version":"43daa96b166c3cf5ff30dfac0c5efa2620e4beab","lessThan":"f45fffae5e2549bd0a4670cc52a15ad54c9f121e","status":"affected","versionType":"git"},{"version":"43daa96b166c3cf5ff30dfac0c5efa2620e4beab","lessThan":"17fbad93879e87a334062882b45fa727ba1b3dd7","status":"affected","versionType":"git"},{"version":"43daa96b166c3cf5ff30dfac0c5efa2620e4beab","lessThan":"d1944bab8e0c1511f0cbf364aa06547735bb0ddb","status":"affected","versionType":"git"},{"version":"43daa96b166c3cf5ff30dfac0c5efa2620e4beab","lessThan":"0134c7bff14bd50314a4f92b182850ddfc38e255","status":"affected","versionType":"git"},{"version":"43daa96b166c3cf5ff30dfac0c5efa2620e4beab","lessThan":"327cd4b68b4398b6c24f10eb2b2533ffbfc10185","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/usb/usbnet.c"],"versions":[{"version":"4.7","status":"affected"},{"version":"0","lessThan":"4.7","status":"unaffected","versionType":"semver"},{"version":"5.15.199","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.162","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.122","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.64","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.17.5","lessThanOrEqual":"6.17.*","status":"unaffected","versionType":"semver"},{"version":"6.18","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.15.199"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.1.162"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.6.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.12.64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.17.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.18"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/65d04291adf7c59338f87aab9c6fe0bfa9993e64"},{"url":"https://git.kernel.org/stable/c/f45fffae5e2549bd0a4670cc52a15ad54c9f121e"},{"url":"https://git.kernel.org/stable/c/17fbad93879e87a334062882b45fa727ba1b3dd7"},{"url":"https://git.kernel.org/stable/c/d1944bab8e0c1511f0cbf364aa06547735bb0ddb"},{"url":"https://git.kernel.org/stable/c/0134c7bff14bd50314a4f92b182850ddfc38e255"},{"url":"https://git.kernel.org/stable/c/327cd4b68b4398b6c24f10eb2b2533ffbfc10185"}],"title":"usbnet: Fix using smp_processor_id() in preemptible code warnings","x_generator":{"engine":"bippy-1.2.0"}}}}