CVE-2025-40219

Linux Kernel - Deadlock in SR-IOV Enable/Disable via Rescan-Remove Lock

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd ("PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV") tried to fix a race between the VF removal inside sriov_del_vfs() and concurrent hot unplug by taking the PCI rescan/remove lock in sriov_del_vfs(). Similarly the PCI rescan/remove lock was also taken in sriov_add_vfs() to protect addition of VFs. This approach however causes deadlock on trying to remove PFs with SR-IOV enabled because PFs disable SR-IOV during removal and this removal happens under the PCI rescan/remove lock. So the original fix had to be reverted. Instead of taking the PCI rescan/remove lock in sriov_add_vfs() and sriov_del_vfs(), fix the race that occurs with SR-IOV enable and disable vs hotplug higher up in the callchain by taking the lock in sriov_numvfs_store() before calling into the driver's sriov_configure() callback.

Scores

EPSS 0.0019
EPSS Percentile 9.3%

Details

Status published
Products (49)
linux/Kernel 5.0.0 - 5.10.252linux
linux/Kernel 5.0.0 - 5.4.301linux
linux/Kernel 5.11.0 - 5.15.195linux
linux/Kernel 5.11.0 - 5.15.202linux
linux/Kernel 5.16.0 - 6.1.157linux
linux/Kernel 5.16.0 - 6.1.165linux
linux/Kernel 5.5.0 - 5.10.246linux
linux/Kernel 6.13.0 - 6.17.4linux
linux/Kernel 6.13.0 - 6.18.16linux
linux/Kernel 6.19.0 - 6.19.6linux
... and 39 more
Published Dec 04, 2025
Tracked Since Feb 18, 2026