CVE-2026-53323
Received Received - Intake
Linux Kernel DSA Conduit Ethtool Deadlock Fix

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops DSA replaces the conduit (master) device's ethtool_ops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again inside the DSA wrappers causes a deadlock. Stumbled upon this when booting qemu with fbnic and CONFIG_NET_DSA_LOOP=y (which looks like some kind of testing device that auto-populates the ports of eth0). `ethtool -i` is enough to deadlock. This means we have basically zero coverage for DSA stuff with real ops locked devs. Remove the redundant netdev_lock_ops()/netdev_unlock_ops() calls from the DSA conduit ethtool wrappers.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-26
Last Modified
2026-06-26
Generated
2026-06-27
AI Q&A
2026-06-26
EPSS Evaluated
N/A
NVD
CVE-2026-53323
EUVD
EUVD-2026-39858
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

The vulnerability is caused by redundant locking in the DSA conduit ethtool wrappers, which leads to deadlocks.

Immediate mitigation involves updating the Linux kernel to a version where this issue is resolved by removing the redundant netdev_lock_ops()/netdev_unlock_ops() calls from the DSA conduit ethtool wrappers.

Executive Summary

This vulnerability exists in the Linux kernel's Distributed Switch Architecture (DSA) implementation. The issue arises because the DSA replaces the conduit (master) device's ethtool operations with its own wrappers that aggregate statistics from both the conduit and DSA switch ports. However, these wrappers redundantly take a network device lock (netdev_lock_ops) again, which leads to a deadlock situation.

The deadlock occurs when the lock is taken twice inside the DSA wrappers, causing the system to hang, for example, when running 'ethtool -i' on certain configurations like qemu with fbnic and CONFIG_NET_DSA_LOOP=y. The fix involved removing these redundant lock and unlock calls from the DSA conduit ethtool wrappers.

Impact Analysis

This vulnerability can cause a deadlock in the Linux kernel networking stack when using DSA devices, effectively causing the system or network interface to hang during certain operations such as querying device information with 'ethtool -i'.

Such a deadlock can lead to loss of network connectivity or system responsiveness related to network device management, potentially impacting system stability and availability.

Detection Guidance

This vulnerability can cause a deadlock when using ethtool commands on devices using the DSA conduit ethtool wrappers.

A practical way to detect this issue is to run the command `ethtool -i` on the affected network interfaces. If the system deadlocks or hangs during this command, it indicates the presence of the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53323. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart