CVE-2025-38720
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-04

Last updated on: 2025-11-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: hibmcge: fix rtnl deadlock issue Currently, the hibmcge netdev acquires the rtnl_lock in pci_error_handlers.reset_prepare() and releases it in pci_error_handlers.reset_done(). However, in the PCI framework: pci_reset_bus - __pci_reset_slot - pci_slot_save_and_disable_locked - pci_dev_save_and_disable - err_handler->reset_prepare(dev); In pci_slot_save_and_disable_locked(): list_for_each_entry(dev, &slot->bus->devices, bus_list) { if (!dev->slot || dev->slot!= slot) continue; pci_dev_save_and_disable(dev); if (dev->subordinate) pci_bus_save_and_disable_locked(dev->subordinate); } This will iterate through all devices under the current bus and execute err_handler->reset_prepare(), causing two devices of the hibmcge driver to sequentially request the rtnl_lock, leading to a deadlock. Since the driver now executes netif_device_detach() before the reset process, it will not concurrently with other netdev APIs, so there is no need to hold the rtnl_lock now. Therefore, this patch removes the rtnl_lock during the reset process and adjusts the position of HBG_NIC_STATE_RESETTING to ensure that multiple resets are not executed concurrently.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-04
Last Modified
2025-11-25
Generated
2026-05-27
AI Q&A
2025-09-04
EPSS Evaluated
2026-05-25
NVD
CVE-2025-38720
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.17
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-667 The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a deadlock issue in the Linux kernel's hibmcge network driver. During the PCI reset process, two devices using the hibmcge driver can sequentially request the rtnl_lock, causing a deadlock. The problem arises because the driver acquires the rtnl_lock in pci_error_handlers.reset_prepare() and releases it in reset_done(), but the PCI framework iterates through devices and calls reset_prepare() on each, leading to multiple requests for the same lock. The fix removes the need to hold the rtnl_lock during the reset process by detaching the network device beforehand, preventing concurrent netdev API calls and avoiding deadlock.


How can this vulnerability impact me? :

This vulnerability can cause a deadlock in the Linux kernel's network driver during PCI device reset operations. A deadlock can halt or severely delay system processes related to network device resets, potentially leading to system instability, degraded network performance, or unresponsiveness in affected systems.


What immediate steps should I take to mitigate this vulnerability?

Apply the patch that removes the rtnl_lock during the reset process in the hibmcge driver and adjusts the reset state handling to prevent concurrent resets. This involves updating the Linux kernel to a version that includes this fix, ensuring that the hibmcge driver no longer holds the rtnl_lock during pci_error_handlers.reset_prepare() and reset_done().


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart