CVE-2025-38114 Information

Jul 04, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

e1000: Move cancel_work_sync to avoid deadlock

Previously e1000_down called cancel_work_sync for the e1000 reset task (via e1000_down_and_stop) which takes RTNL.

As reported by users and syzbot a deadlock is possible in the following scenario:

CPU 0:

RTNL is held
e1000_close
e1000_down
cancel_work_sync (cancel / wait for e1000_reset_task())

CPU 1:

process_one_work
e1000_reset_task
take RTNL

To remedy this avoid calling cancel_work_sync from e1000_down (e1000_reset_task does nothing if the device is down anyway). Instead call cancel_work_sync for e1000_reset_task when the device is being removed.

Reference

https://git.kernel.org/stable/c/1fd4438ddcc4958ed24662d5125114299e19bae4 https://git.kernel.org/stable/c/b4a8085ceefb7bbb12c2b71c55e71fc946c6929f

CNNVD-202507-199 (Published: 2025-07-03)

Share on:

CVE-2025-38114 Information

Description

Reference

Related CNNVD