CVE-2025-38287
CVE-2025-38287 affects the Linux kernel InfiniBand subsystem (IB_cm). The issue occurs when freeing old cm_priv_msg via cm_free_priv_msg() after cm_id has advanced, where a lock held assertion and WARN triggers due to reuse of the cm_id lock. This could allow a local attacker to trigger a denial ...