{"id":"AZL-66515","summary":"CVE-2025-38576 affecting package kernel for versions less than 6.6.104.2-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe.  Also clean\nup a few minor formatting / readability issues.","modified":"2026-04-01T05:20:59.433322Z","published":"2025-08-19T17:15:34Z","upstream":["CVE-2025-38576"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38576"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.104.2-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-66515.json"}}],"schema_version":"1.7.5"}