CVE-2025-40347
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: enetc: fix the deadlock of enetc_mdio_lock
After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the read lock enetc_mdio_lock. Here list some of the call stacks identified under the enetc_poll path that may lead to a deadlock:
enetc_poll -> enetc_lock_mdio -> enetc_clean_rx_ring OR napi_complete_done -> napi_gro_receive -> enetc_start_xmit -> enetc_lock_mdio -> enetc_map_tx_buffs -> enetc_unlock_mdio -> enetc_unlock_mdio
After enetc_poll acquires the read lock, a higher-priority writer attempts to acquire the lock, causing preemption. The writer detects that a read lock is already held and is scheduled out. However, readers under enetc_poll cannot acquire the read lock again because a writer is already waiting, leading to a thread hang.
Currently, the deadlock is avoided by adjusting enetc_lock_mdio to prevent recursive lock acquisition.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 6d36ecdbc4410e61a0e02adc5d3abeee22a8ffd3 < a649161526736f48bcc592e3a412e5bcd7dd9e24 | affected |
| Linux | Linux | 6d36ecdbc4410e61a0e02adc5d3abeee22a8ffd3 < 2781ca82ce8cad263d80b617addb727e6a84c9e5 | affected |
| Linux | Linux | 6d36ecdbc4410e61a0e02adc5d3abeee22a8ffd3 < 1f92f5bd057a4fad9dab6af17963cdd21e5da6ed | affected |
| Linux | Linux | 6d36ecdbc4410e61a0e02adc5d3abeee22a8ffd3 < 2e55a49dc3b2a6b23329e4fbbd8a5feb20e220aa | affected |
| Linux | Linux | 6d36ecdbc4410e61a0e02adc5d3abeee22a8ffd3 < 50bd33f6b3922a6b760aa30d409cae891cec8fb5 | affected |
| Linux | Linux | bf9c564716a13dde6a990d3b02c27cd6e39608bf | affected |
| Linux | Linux | ff966263f5f9fdf9740f03fed0762ce73c230a6a | affected |
| Linux | Linux | 5.10.24 < 5.11 | affected |
| Linux | Linux | 5.11.7 < 5.12 | affected |
| Linux | Linux | 5.12 | affected |
| Linux | Linux | 0 < 5.12 | unaffected |
| Linux | Linux | 6.1.175 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.115 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.56 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.6 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/a649161526736f48bcc592e3a412e5bcd7dd9e24
- https://git.kernel.org/stable/c/2781ca82ce8cad263d80b617addb727e6a84c9e5
- https://git.kernel.org/stable/c/1f92f5bd057a4fad9dab6af17963cdd21e5da6ed
- https://git.kernel.org/stable/c/2e55a49dc3b2a6b23329e4fbbd8a5feb20e220aa
- https://git.kernel.org/stable/c/50bd33f6b3922a6b760aa30d409cae891cec8fb5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.