| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025070324-CVE-2025-38094-1b5c@gregkh> Date: Thu, 3 Jul 2025 09:44:25 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx. From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: net: cadence: macb: Fix a possible deadlock in macb_halt_tx. There is a situation where after THALT is set high, TGO stays high as well. Because jiffies are never updated, as we are in a context with interrupts disabled, we never exit that loop and have a deadlock. That deadlock was noticed on a sama5d4 device that stayed locked for days. Use retries instead of jiffies so that the timeout really works and we do not have a deadlock anymore. The Linux kernel CVE team has assigned CVE-2025-38094 to this issue. Affected and fixed versions =========================== Issue introduced in 3.8 with commit e86cd53afc5907f7c221b709916e2dd354e14691 and fixed in 5.10.238 with commit 0772a608d799ac0d127c0a36047a2725777aba9d Issue introduced in 3.8 with commit e86cd53afc5907f7c221b709916e2dd354e14691 and fixed in 5.15.184 with commit 64675a9c00443b2e8af42af08c38fc1b78b68ba2 Issue introduced in 3.8 with commit e86cd53afc5907f7c221b709916e2dd354e14691 and fixed in 6.1.140 with commit aace6b63892ce8307e502a60fe2f5a4bc6e1cfe7 Issue introduced in 3.8 with commit e86cd53afc5907f7c221b709916e2dd354e14691 and fixed in 6.6.92 with commit 1d60c0781c1bbeaa1196b0d8aad5c435f06cb7c4 Issue introduced in 3.8 with commit e86cd53afc5907f7c221b709916e2dd354e14691 and fixed in 6.12.30 with commit 3e64d35475aa21d13dab71da51de51923c1a3a48 Issue introduced in 3.8 with commit e86cd53afc5907f7c221b709916e2dd354e14691 and fixed in 6.14.8 with commit 84f98955a9de0e0f591df85aa1a44f3ebcf1cb37 Issue introduced in 3.8 with commit e86cd53afc5907f7c221b709916e2dd354e14691 and fixed in 6.15 with commit c92d6089d8ad7d4d815ebcedee3f3907b539ff1f Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38094 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/ethernet/cadence/macb_main.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/0772a608d799ac0d127c0a36047a2725777aba9d https://git.kernel.org/stable/c/64675a9c00443b2e8af42af08c38fc1b78b68ba2 https://git.kernel.org/stable/c/aace6b63892ce8307e502a60fe2f5a4bc6e1cfe7 https://git.kernel.org/stable/c/1d60c0781c1bbeaa1196b0d8aad5c435f06cb7c4 https://git.kernel.org/stable/c/3e64d35475aa21d13dab71da51de51923c1a3a48 https://git.kernel.org/stable/c/84f98955a9de0e0f591df85aa1a44f3ebcf1cb37 https://git.kernel.org/stable/c/c92d6089d8ad7d4d815ebcedee3f3907b539ff1f
Powered by blists - more mailing lists