CVE-2025-38720
BaseFortify

Publication date: 2025-09-04

Last updated on: 2025-11-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

net: hibmcge: fix rtnl deadlock issue

Currently, the hibmcge netdev acquires the rtnl_lock in pci_error_handlers.reset_prepare() and releases it in pci_error_handlers.reset_done().

However, in the PCI framework:

    pci_reset_bus
      __pci_reset_slot
        pci_slot_save_and_disable_locked
          pci_dev_save_and_disable
            err_handler->reset_prepare(dev);

In pci_slot_save_and_disable_locked():

    list_for_each_entry(dev, &slot->bus->devices, bus_list) {
        if (!dev->slot || dev->slot != slot)
            continue;
        pci_dev_save_and_disable(dev);
        if (dev->subordinate)
            pci_bus_save_and_disable_locked(dev->subordinate);
    }

This will iterate through all devices under the current bus and execute err_handler->reset_prepare(), causing two devices of the hibmcge driver to sequentially request the rtnl_lock, leading to a deadlock.

Since the driver now executes netif_device_detach() before the reset process, it will not run concurrently with other netdev APIs, so there is no need to hold the rtnl_lock now.

Therefore, this patch removes the rtnl_lock during the reset process and adjusts the position of HBG_NIC_STATE_RESETTING to ensure that multiple resets are not executed concurrently.

Meta Information
Published: 2025-09-04
Last Modified: 2025-11-25
Generated: 2026-06-16
AI Q&A: 2025-09-04
EPSS Evaluated: 2026-06-14

Affected Vendors & Products
Showing 3 associated CPEs

Vendor | Product | Version / Range
linux | linux_kernel | 6.17
linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc)
linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc)

CWE ID | Description
CWE-667 | The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

Executive Summary

This vulnerability is a deadlock issue in the Linux kernel's hibmcge network driver. During the PCI reset process, two devices using the hibmcge driver can sequentially request the rtnl_lock, causing a deadlock. The problem arises because the driver acquires the rtnl_lock in pci_error_handlers.reset_prepare() and releases it in reset_done(), but the PCI framework iterates through devices and calls reset_prepare() on each, leading to multiple requests for the same lock. The fix removes the need to hold the rtnl_lock during the reset process by detaching the network device beforehand, preventing concurrent netdev API calls and avoiding deadlock.
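
The sequence described above, as a user-space C model added here for illustration; it is not code from the hibmcge driver or from the kernel patch. The names model_rtnl_held, model_nic, prepare_locked, prepare_flagged and model_slot_prepare are hypothetical, and the lock stand-in returns -EDEADLK at the point where the kernel mutex would block forever.

```c
#include <errno.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* rtnl_lock stand-in: a second acquire returns -EDEADLK instead of sleeping. */
static atomic_bool model_rtnl_held;
struct model_nic {
    atomic_bool resetting; /* models HBG_NIC_STATE_RESETTING */
    bool detached;         /* models netif_device_detach() having run */
};

/* Pre-fix shape: lock taken in reset_prepare(), dropped only in reset_done(). */
static int prepare_locked(struct model_nic *nic)
{
    if (atomic_exchange(&model_rtnl_held, true))
        return -EDEADLK;
    nic->detached = true;
    return 0;
}

/* Post-fix shape: no rtnl_lock; a per-device flag rejects overlapping resets. */
static int prepare_flagged(struct model_nic *nic)
{
    if (atomic_exchange(&nic->resetting, true))
        return -EBUSY;
    nic->detached = true;
    return 0;
}

/* Models the slot walk: reset_prepare() runs for every device on one thread
 * before any reset_done(). Returns the first error, or 0 if all succeed. */
int model_slot_prepare(struct model_nic *devs, int n, bool fixed)
{
    atomic_store(&model_rtnl_held, false);
    for (int i = 0; i < n; i++) {
        int rc = fixed ? prepare_flagged(&devs[i]) : prepare_locked(&devs[i]);
        if (rc)
            return rc;
    }
    return 0;
}

int main(void)
{
    struct model_nic a[2] = {0}, b[2] = {0};
    printf("pre-fix: %d\n", model_slot_prepare(a, 2, false));
    printf("post-fix: %d\n", model_slot_prepare(b, 2, true));
    return 0;
}
```

In the pre-fix run the first device prepares and the second one hits the held lock; in the post-fix run both prepare, and only a repeated reset of the same device is refused.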

Impact Analysis

This vulnerability can cause a deadlock in the Linux kernel's network driver during PCI device reset operations. A deadlock can halt or severely delay system processes related to network device resets, potentially leading to system instability, degraded network performance, or unresponsiveness in affected systems.

Mitigation Strategies

Apply the patch that removes the rtnl_lock during the reset process in the hibmcge driver and adjusts the reset state handling to prevent concurrent resets. This involves updating the Linux kernel to a version that includes this fix, ensuring that the hibmcge driver no longer holds the rtnl_lock during pci_error_handlers.reset_prepare() and reset_done().
