{"id":"CVE-2025-39956","summary":"igc: don't fail igc_probe() on LED setup error","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nigc: don't fail igc_probe() on LED setup error\n\nWhen igc_led_setup() fails, igc_probe() fails and triggers kernel panic\nin free_netdev() since unregister_netdev() is not called. [1]\nThis behavior can be tested using fault-injection framework, especially\nthe failslab feature. [2]\n\nSince LED support is not mandatory, treat LED setup failures as\nnon-fatal and continue probe with a warning message, consequently\navoiding the kernel panic.\n\n[1]\n kernel BUG at net/core/dev.c:12047!\n Oops: invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 0 UID: 0 PID: 937 Comm: repro-igc-led-e Not tainted 6.17.0-rc4-enjuk-tnguy-00865-gc4940196ab02 #64 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:free_netdev+0x278/0x2b0\n [...]\n Call Trace:\n  \u003cTASK\u003e\n  igc_probe+0x370/0x910\n  local_pci_probe+0x3a/0x80\n  pci_device_probe+0xd1/0x200\n [...]\n\n[2]\n #!/bin/bash -ex\n\n FAILSLAB_PATH=/sys/kernel/debug/failslab/\n DEVICE=0000:00:05.0\n START_ADDR=$(grep \" igc_led_setup\" /proc/kallsyms \\\n         | awk '{printf(\"0x%s\", $1)}')\n END_ADDR=$(printf \"0x%x\" $((START_ADDR + 0x100)))\n\n echo $START_ADDR \u003e $FAILSLAB_PATH/require-start\n echo $END_ADDR \u003e $FAILSLAB_PATH/require-end\n echo 1 \u003e $FAILSLAB_PATH/times\n echo 100 \u003e $FAILSLAB_PATH/probability\n echo N \u003e $FAILSLAB_PATH/ignore-gfp-wait\n\n echo $DEVICE \u003e /sys/bus/pci/drivers/igc/bind","modified":"2026-05-18T05:56:19.494859846Z","published":"2025-10-09T09:47:34.253Z","related":["SUSE-SU-2025:21080-1","SUSE-SU-2025:21147-1","SUSE-SU-2025:21180-1","openSUSE-SU-2025:20091-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39956.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/528eb4e19ec0df30d0c9ae4074ce945667dde919"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bec504867acc7315de9cd96ef9161fa52a25abe8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f05e82d8553232cef150a6dbb70ed67d162abb2b"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39956.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39956"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ea578703b03d5d651b091c39f717dc829155b520"},{"fixed":"bec504867acc7315de9cd96ef9161fa52a25abe8"},{"fixed":"f05e82d8553232cef150a6dbb70ed67d162abb2b"},{"fixed":"528eb4e19ec0df30d0c9ae4074ce945667dde919"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39956.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.9.0"},{"fixed":"6.12.49"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.16.9"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39956.json"}}],"schema_version":"1.7.5"}