1. Home
  2. Vulnerabilities
  3. CVE-2025-40343
0.0
NA
CVE-2025-40343
nvmet-fc: avoid scheduling association deletion twice
Description

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmet_port_subsys_drop_link() first calls nvmet_port_del_ctrls() and then nvmet_disable_port(). Both functions will eventually schedule all remaining associations for deletion. The current implementation checks whether an association is about to be removed, but only after the work item has already been scheduled. As a result, it is possible for the first scheduled work item to free all resources, and then for the same work item to be scheduled again for deletion. Because the association list is an RCU list, it is not possible to take a lock and remove the list entry directly, so it cannot be looked up again. Instead, a flag (terminating) must be used to determine whether the association is already in the process of being deleted.

INFO

Published Date :

Dec. 9, 2025, 4:17 p.m.

Last Modified :

Dec. 9, 2025, 6:36 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2025-40343 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
Solution
Update the Linux kernel to prevent duplicate association deletion scheduling.
  • Apply the kernel patch for nvmet-fc.
  • Update the Linux kernel to the latest version.
  • Schedule association deletion only once.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-40343.

URL Resource
https://git.kernel.org/stable/c/04d17540ef51e2c291eb863ca87fd332259b2d40
https://git.kernel.org/stable/c/2f4852db87e25d4e226b25cb6f652fef9504360e
https://git.kernel.org/stable/c/601ed47b2363c24d948d7bac0c23abc8bd459570
https://git.kernel.org/stable/c/85e2ce1920cb511d57aae59f0df6ff85b28bf04d
https://git.kernel.org/stable/c/c09ac9a63fc3aaf4670ad7b5e4f5afd764424154
https://git.kernel.org/stable/c/f2537be4f8421f6495edfa0bc284d722f253841d
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-40343 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-40343 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-40343 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2025-40343 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 09, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmet_port_subsys_drop_link() first calls nvmet_port_del_ctrls() and then nvmet_disable_port(). Both functions will eventually schedule all remaining associations for deletion. The current implementation checks whether an association is about to be removed, but only after the work item has already been scheduled. As a result, it is possible for the first scheduled work item to free all resources, and then for the same work item to be scheduled again for deletion. Because the association list is an RCU list, it is not possible to take a lock and remove the list entry directly, so it cannot be looked up again. Instead, a flag (terminating) must be used to determine whether the association is already in the process of being deleted.
    Added Reference https://git.kernel.org/stable/c/04d17540ef51e2c291eb863ca87fd332259b2d40
    Added Reference https://git.kernel.org/stable/c/2f4852db87e25d4e226b25cb6f652fef9504360e
    Added Reference https://git.kernel.org/stable/c/601ed47b2363c24d948d7bac0c23abc8bd459570
    Added Reference https://git.kernel.org/stable/c/85e2ce1920cb511d57aae59f0df6ff85b28bf04d
    Added Reference https://git.kernel.org/stable/c/c09ac9a63fc3aaf4670ad7b5e4f5afd764424154
    Added Reference https://git.kernel.org/stable/c/f2537be4f8421f6495edfa0bc284d722f253841d
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.