CVE-2025-38551 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnl_lock() during probe() The deadlock appears in a stack trace like: virtnet_probe() rtnl_lock() virtio_config_changed_work() netdev_notify_peers() rtnl_lock() It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while the virtio-net driver is still probing. The config_work in probe() will get scheduled until virtnet_open() enables the config change notification via virtio_config_driver_enable().

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3859f137b3c1fa1f0031d54263234566bdcdd7aa
https://git.kernel.org/stable/c/4e7c46362550b229354aeb52038f414e231b0037
https://git.kernel.org/stable/c/be5dcaed694e4255dc02dd0acfe036708c535def

History

Sat, 16 Aug 2025 11:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnl_lock() during probe() The deadlock appears in a stack trace like: virtnet_probe() rtnl_lock() virtio_config_changed_work() netdev_notify_peers() rtnl_lock() It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while the virtio-net driver is still probing. The config_work in probe() will get scheduled until virtnet_open() enables the config change notification via virtio_config_driver_enable().
Title		virtio-net: fix recursived rtnl_lock() during probe()
References		https://git.kernel.org/stable/c/3859f137b3c1fa1f0031d54263234566bdcdd7aa https://git.kernel.org/stable/c/4e7c46362550b229354aeb52038f414e231b0037 https://git.kernel.org/stable/c/be5dcaed694e4255dc02dd0acfe036708c535def

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-08-16T11:34:19.544Z

Updated: 2025-08-16T11:34:19.544Z

Reserved: 2025-04-16T04:51:24.024Z

Link: CVE-2025-38551

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-08-16T12:15:31.267

Modified: 2025-08-16T12:15:31.267

Link: CVE-2025-38551

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38551", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.024Z", "datePublished": "2025-08-16T11:34:19.544Z", "dateUpdated": "2025-08-16T11:34:19.544Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-08-16T11:34:19.544Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: fix recursived rtnl_lock() during probe()\n\nThe deadlock appears in a stack trace like:\n\n virtnet_probe()\n rtnl_lock()\n virtio_config_changed_work()\n netdev_notify_peers()\n rtnl_lock()\n\nIt happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while the\nvirtio-net driver is still probing.\n\nThe config_work in probe() will get scheduled until virtnet_open() enables\nthe config change notification via virtio_config_driver_enable()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/virtio_net.c"], "versions": [{"version": "df28de7b00502761eba62490f413c65c9b175ed9", "lessThan": "4e7c46362550b229354aeb52038f414e231b0037", "status": "affected", "versionType": "git"}, {"version": "df28de7b00502761eba62490f413c65c9b175ed9", "lessThan": "3859f137b3c1fa1f0031d54263234566bdcdd7aa", "status": "affected", "versionType": "git"}, {"version": "df28de7b00502761eba62490f413c65c9b175ed9", "lessThan": "be5dcaed694e4255dc02dd0acfe036708c535def", "status": "affected", "versionType": "git"}, {"version": "cb06b26bb2e6d2c6a32f65f7bb1b7dcbe033d675", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/virtio_net.c"], "versions": [{"version": "6.12", "status": "affected"}, {"version": "0", "lessThan": "6.12", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.40", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.8", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.12.40"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.15.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11.2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4e7c46362550b229354aeb52038f414e231b0037"}, {"url": "https://git.kernel.org/stable/c/3859f137b3c1fa1f0031d54263234566bdcdd7aa"}, {"url": "https://git.kernel.org/stable/c/be5dcaed694e4255dc02dd0acfe036708c535def"}], "title": "virtio-net: fix recursived rtnl_lock() during probe()", "x_generator": {"engine": "bippy-1.2.0"}}}}