CVE-2025-38720

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: hibmcge: fix rtnl deadlock issue<br /> <br /> Currently, the hibmcge netdev acquires the rtnl_lock in<br /> pci_error_handlers.reset_prepare() and releases it in<br /> pci_error_handlers.reset_done().<br /> <br /> However, in the PCI framework:<br /> pci_reset_bus - __pci_reset_slot - pci_slot_save_and_disable_locked -<br /> pci_dev_save_and_disable - err_handler-&gt;reset_prepare(dev);<br /> <br /> In pci_slot_save_and_disable_locked():<br /> list_for_each_entry(dev, &amp;slot-&gt;bus-&gt;devices, bus_list) {<br /> if (!dev-&gt;slot || dev-&gt;slot!= slot)<br /> continue;<br /> pci_dev_save_and_disable(dev);<br /> if (dev-&gt;subordinate)<br /> pci_bus_save_and_disable_locked(dev-&gt;subordinate);<br /> }<br /> <br /> This will iterate through all devices under the current bus and execute<br /> err_handler-&gt;reset_prepare(), causing two devices of the hibmcge driver<br /> to sequentially request the rtnl_lock, leading to a deadlock.<br /> <br /> Since the driver now executes netif_device_detach()<br /> before the reset process, it will not concurrently with<br /> other netdev APIs, so there is no need to hold the rtnl_lock now.<br /> <br /> Therefore, this patch removes the rtnl_lock during the reset process and<br /> adjusts the position of HBG_NIC_STATE_RESETTING to ensure<br /> that multiple resets are not executed concurrently.