CVE-2026-45907
CVSS v3.1 severity:
MEDIUM
Type:
Not available / Other
Publication date:
27/05/2026
Last modified:
24/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Fix deadlocks between devlink and netdev instance locks

In the mentioned "Fixes" commit, various work tasks triggering devlink
health reporter recovery were switched to use netdev_trylock to protect
against concurrent tear down of the channels being recovered. But this
had the side effect of introducing potential deadlocks because of
incorrect lock ordering.

The correct lock order is described by the init flow:

    probe_one -> mlx5_init_one (acquires devlink lock)
    -> mlx5_init_one_devl_locked -> mlx5_register_device
    -> mlx5_rescan_drivers_locked -...-> mlx5e_probe -> _mlx5e_probe
    -> register_netdev (acquires rtnl lock)
    -> register_netdevice (acquires netdev lock)
    => devlink lock -> rtnl lock -> netdev lock.

But in the current recovery flow, the order is wrong:

    mlx5e_tx_err_cqe_work (acquires netdev lock)
    -> mlx5e_reporter_tx_err_cqe -> mlx5e_health_report
    -> devlink_health_report (acquires devlink lock => boom!)
    -> devlink_health_reporter_recover
    -> mlx5e_tx_reporter_recover -> mlx5e_tx_reporter_recover_from_ctx
    -> mlx5e_tx_reporter_err_cqe_recover

The same pattern exists in:

    mlx5e_reporter_rx_timeout
    mlx5e_reporter_tx_ptpsq_unhealthy
    mlx5e_reporter_tx_timeout

Fix these by moving the netdev_trylock calls from the work handlers
lower in the call stack, in the respective recovery functions, where
they are actually necessary.
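
The lock-order inversion described above can be checked mechanically. The following is an added example, not code from the kernel or from the fix: a small user-space order tracker that replays the acquisition sequences from the two call chains and flags the one that contradicts the init flow. The tracker, its function names and the "fixed" sequence (devlink lock first, netdev lock taken inside the recovery function) are assumptions derived from the description, and each path is assumed to hold every lock it takes until it ends.

```c
#include <stdio.h>
#include <string.h>

/* Lock classes named in the description; the tracker is illustrative. */
enum { DEVLINK, RTNL, NETDEV, NLOCKS };
static const char *lock_name[NLOCKS] = { "devlink", "rtnl", "netdev" };

/* after[a][b] != 0: some replayed path took b while already holding a. */
static int after[NLOCKS][NLOCKS];

void reset_order(void) { memset(after, 0, sizeof(after)); }

/* Is there a recorded ordering chain from -> ... -> to? */
static int reaches(int from, int to, int depth)
{
    if (from == to)
        return 1;
    for (int k = 0; depth < NLOCKS && k < NLOCKS; k++)
        if (after[from][k] && reaches(k, to, depth + 1))
            return 1;
    return 0;
}

/* Replay one path's acquisitions in order; return the inversions found. */
int replay(const char *path, const int *seq, int n)
{
    int bad = 0;
    for (int i = 1; i < n; i++)
        for (int h = 0; h < i; h++) {
            if (reaches(seq[i], seq[h], 0)) {   /* opposite order already known */
                printf("%s: %s taken under %s, inverts %s -> %s\n", path,
                       lock_name[seq[i]], lock_name[seq[h]],
                       lock_name[seq[i]], lock_name[seq[h]]);
                bad++;
            } else {
                after[seq[h]][seq[i]] = 1;       /* record held -> new */
            }
        }
    return bad;
}

/* Acquisition sequences transcribed from the call chains in the description. */
static const int init_flow[]    = { DEVLINK, RTNL, NETDEV }; /* probe_one ... register_netdevice */
static const int work_pre_fix[] = { NETDEV, DEVLINK };       /* mlx5e_tx_err_cqe_work */
static const int work_fixed[]   = { DEVLINK, NETDEV };       /* assumed: trylock inside recover */

int main(void)
{
    reset_order();
    replay("init", init_flow, 3);
    replay("tx_err_cqe work (pre-fix)", work_pre_fix, 2);
    replay("tx_err_cqe work (fixed)", work_fixed, 2);
    return 0;
}
```

On a running kernel, the same class of inversion is what lockdep reports when built with CONFIG_PROVE_LOCKING.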
Impact
Base score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.16 (including) | 6.18.14 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 6.19.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page



