CVE-2025-21650: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's HNS3 network driver has been identified and assigned CVE-2025-21650. The issue was discovered in January 2025 and affects the TQP BAR space access in the hclge_fetch_pf_reg function. The vulnerability specifically impacts the HiSilicon Network Subsystem v3 (HNS3) driver when handling TQP (Transmit Queue Pairs) space information (NVD, Kernel Git).

The vulnerability stems from improper handling of TQP BAR space segments in the hclge_fetch_pf_reg function. The TQP BAR space is divided into two segments: TQPs 0-1023 and TQPs 1024-1279, which reside in different BAR space addresses. The function fails to properly distinguish between these segments when reading TQP space information, leading to bar space overwriting when the number of TQPs exceeds 1024. This results in a kernel paging request error at virtual address ffff800037200000 (Kernel Git).

When exploited, this vulnerability can cause the kernel to fail to handle paging requests properly, potentially leading to system instability or crashes. The issue manifests particularly when accessing TQP space information with queue numbers greater than 1024, causing bar space overwriting (NVD).

The issue has been fixed by modifying the hclge_fetch_pf_reg function to use tqp.io_base directly when reading queue information, as this approach properly handles the different BAR space segments. The fix was implemented in the Linux kernel through a patch that addresses the bar space access issue (Kernel Git).