CVE-2025-23140: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-23140 is a vulnerability discovered in the Linux kernel related to interrupt handling in the PCI endpoint test module. The issue was first reported and documented on May 1, 2025, affecting various Linux distributions including Debian and Ubuntu (Wiz Security, NVD CVE).

The vulnerability occurs when devm_request_irq() fails with an error in pci_endpoint_test_request_irq(). The issue arises because pci_endpoint_test_free_irq_vectors() is called assuming all IRQs have been released, however, some requested IRQs remain unreleased. This results in remaining /proc/irq/* entries and triggers a WARN() message indicating a non-empty directory 'irq/30' leaking 'pci-endpoint-test.0'. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Red Hat Security).

The vulnerability affects the Linux kernel's interrupt handling mechanism, specifically in the PCI endpoint test module. While the immediate impact appears to be system warnings and potential resource leaks, it could lead to system instability or resource exhaustion (Wiz Security).

The issue has been resolved by setting the number of remaining IRQs to test->num_irqs and releasing IRQs in advance by calling pci_endpoint_test_release_irq(). Fixed versions are available in Linux kernel 6.1.135-1 for Debian bookworm and 6.12.25-1 for Debian sid (Debian Security).