Description

In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancel_work_sync to avoid deadlock Previously, e1000_down called cancel_work_sync for the e1000 reset task (via e1000_down_and_stop), which takes RTNL. As reported by users and syzbot, a deadlock is possible in the following scenario: CPU 0: - RTNL is held - e1000_close - e1000_down - cancel_work_sync (cancel / wait for e1000_reset_task()) CPU 1: - process_one_work - e1000_reset_task - take RTNL To remedy this, avoid calling cancel_work_sync from e1000_down (e1000_reset_task does nothing if the device is down anyway). Instead, call cancel_work_sync for e1000_reset_task when the device is being removed.

INFO

Published Date :

2025-07-03T08:35:23.047Z

Last Modified :

2025-07-28T04:12:32.203Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38114 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38114.

URL Resource
https://git.kernel.org/stable/c/1fd4438ddcc4958ed24662d5125114299e19bae4 cve-icon cve-icon
https://git.kernel.org/stable/c/b4a8085ceefb7bbb12c2b71c55e71fc946c6929f cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025070325-CVE-2025-38114-c603@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38114 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38114 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact