In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Fix missing lock on sync reset reload
On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperformed() which results in triggering lock assert like the following:
WARNING: CPU: 4 PID: 1164 at net/devlink/core.c:261 devlassertlocked+0x3e/0x50 … CPU: 4 PID: 1164 Comm: kworker/u96:6 Tainted: G S W 6.10.0-rc2+ #116 Hardware name: Supermicro SYS-2028TP-DECTR/X10DRT-PT, BIOS 2.0 12/18/2015 Workqueue: mlx5fwresetevents mlx5syncresetreloadwork [mlx5core] RIP: 0010:devlassertlocked+0x3e/0x50 … Call Trace: <TASK> ? _warn+0xa4/0x210 ? devlassertlocked+0x3e/0x50 ? reportbug+0x160/0x280 ? handlebug+0x3f/0x80 ? excinvalidop+0x17/0x40 ? asmexcinvalidop+0x1a/0x20 ? devlassertlocked+0x3e/0x50 devlinknotify+0x88/0x2b0 ? mlx5attachdevice+0x20c/0x230 [mlx5core] ? _pfxdevlinknotify+0x10/0x10 ? processonework+0x4b6/0xbb0 processone_work+0x4b6/0xbb0 […]