In the Linux kernel, the following vulnerability has been resolved:
net: hibmcge: fix rtnl deadlock issue
Currently, the hibmcge netdev acquires the rtnl_lock in pci_error_handlers.reset_prepare() and releases it in pci_error_handlers.reset_done().
However, in the PCI framework:
pci_reset_bus - __pci_reset_slot - pci_slot_save_and_disable_locked - pci_dev_save_and_disable - err_handler->reset_prepare(dev);
In pci_slot_save_and_disable_locked():
	list_for_each_entry(dev, &slot->bus->devices, bus_list) {
		if (!dev->slot || dev->slot != slot)
			continue;
		pci_dev_save_and_disable(dev);
		if (dev->subordinate)
			pci_bus_save_and_disable_locked(dev->subordinate);
	}
This will iterate through all devices under the current bus and execute errhandler->resetprepare(), causing two devices of the hibmcge driver to sequentially request the rtnl_lock, leading to a deadlock.
Since the driver now executes netif_device_detach() before the reset process, it will not run concurrently with other netdev APIs, so there is no need to hold the rtnl_lock now.
Therefore, this patch removes the rtnl_lock during the reset process and adjusts the position of HBG_NIC_STATE_RESETTING to ensure that multiple resets are not executed concurrently.
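The call ordering described above can be reproduced in a small userspace model. This is an added example, not code from the patch or the hibmcge driver. The two-device slot, the model_rtnl_lock() helper that returns EDEADLK where the kernel mutex would sleep forever, and the EBUSY return from the per-device flag are assumptions made for illustration.

```c
/* Userspace model, constructed for illustration; not hibmcge driver code. */
#include <errno.h>
#include <stdatomic.h>
#include <stdio.h>

#define NDEV 2                        /* assumed: two hibmcge devices on one bus */

static int rtnl_held;                 /* stands in for the non-recursive rtnl_lock */
static atomic_flag resetting[NDEV];   /* stands in for HBG_NIC_STATE_RESETTING */

/* The kernel mutex would sleep forever here; the model reports EDEADLK instead. */
static int model_rtnl_lock(void)
{
    if (rtnl_held)
        return EDEADLK;
    rtnl_held = 1;
    return 0;
}

/* Old pattern: lock taken in reset_prepare, only released in reset_done. */
static int old_reset_prepare(int dev) { (void)dev; return model_rtnl_lock(); }

/* Fixed pattern: no global lock, a per-device flag rejects overlapping resets. */
static int new_reset_prepare(int dev)
{
    return atomic_flag_test_and_set(&resetting[dev]) ? EBUSY : 0;
}

/* Slot walk: reset_prepare runs for every device before any reset_done.
 * Returns the index of the first device whose prepare failed, or -1. */
static int walk_slot(int (*prepare)(int))
{
    for (int dev = 0; dev < NDEV; dev++)
        if (prepare(dev) != 0)
            return dev;
    return -1;
}

static void model_reset(void)
{
    rtnl_held = 0;
    for (int dev = 0; dev < NDEV; dev++)
        atomic_flag_clear(&resetting[dev]);
}

int main(void)
{
    model_reset();
    printf("old: first blocked device = %d\n", walk_slot(old_reset_prepare));
    model_reset();
    printf("new: first blocked device = %d\n", walk_slot(new_reset_prepare));
    printf("new: repeated reset of dev 0 -> %d\n", new_reset_prepare(0));
    return 0;
}
```

With the old pattern the walk stops at the second device, because the first device's reset_prepare still holds the lock and reset_done has not run yet.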
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38720.json",
"cna_assigner": "Linux"
}