CVE-2025-38114

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> e1000: Move cancel_work_sync to avoid deadlock<br /> <br /> Previously, e1000_down called cancel_work_sync for the e1000 reset task<br /> (via e1000_down_and_stop), which takes RTNL.<br /> <br /> As reported by users and syzbot, a deadlock is possible in the following<br /> scenario:<br /> <br /> CPU 0:<br /> - RTNL is held<br /> - e1000_close<br /> - e1000_down<br /> - cancel_work_sync (cancel / wait for e1000_reset_task())<br /> <br /> CPU 1:<br /> - process_one_work<br /> - e1000_reset_task<br /> - take RTNL<br /> <br /> To remedy this, avoid calling cancel_work_sync from e1000_down<br /> (e1000_reset_task does nothing if the device is down anyway). Instead,<br /> call cancel_work_sync for e1000_reset_task when the device is being<br /> removed.