cvelistv5 - cve-2025-39874

CVE-2025-39874 (GCVE-0-2025-39874)

Vulnerability from cvelistv5

Published

2025-09-23 06:00

Modified

2025-09-29 06:01

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTM_NEWLINK Syzkaller managed to lock the lower device via ETHTOOL_SFEATURES: netdev_lock include/linux/netdevice.h:2761 [inline] netdev_lock_ops include/net/netdev_lock.h:42 [inline] netdev_sync_lower_features net/core/dev.c:10649 [inline] __netdev_update_features+0xcb1/0x1be0 net/core/dev.c:10819 netdev_update_features+0x6d/0xe0 net/core/dev.c:10876 macsec_notify+0x2f5/0x660 drivers/net/macsec.c:4533 notifier_call_chain+0x1b3/0x3e0 kernel/notifier.c:85 call_netdevice_notifiers_extack net/core/dev.c:2267 [inline] call_netdevice_notifiers net/core/dev.c:2281 [inline] netdev_features_change+0x85/0xc0 net/core/dev.c:1570 __dev_ethtool net/ethtool/ioctl.c:3469 [inline] dev_ethtool+0x1536/0x19b0 net/ethtool/ioctl.c:3502 dev_ioctl+0x392/0x1150 net/core/dev_ioctl.c:759 It happens because lower features are out of sync with the upper: __dev_ethtool (real_dev) netdev_lock_ops(real_dev) ETHTOOL_SFEATURES __netdev_features_change netdev_sync_upper_features disable LRO on the lower if (old_features != dev->features) netdev_features_change fires NETDEV_FEAT_CHANGE macsec_notify NETDEV_FEAT_CHANGE netdev_update_features (for each macsec dev) netdev_sync_lower_features if (upper_features != lower_features) netdev_lock_ops(lower) # lower == real_dev stuck ... netdev_unlock_ops(real_dev) Per commit af5f54b0ef9e ("net: Lock lower level devices when updating features"), we elide the lock/unlock when the upper and lower features are synced. Makes sure the lower (real_dev) has proper features after the macsec link has been created. This makes sure we never hit the situation where we need to sync upper flags to the lower.

References

URL

fkie_cve-2025-39874

Vulnerability from fkie_nvd

Published

2025-09-23 06:15

Modified

2025-09-24 18:11

Severity ?

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/0f82c3ba66c6b2e3cde0f255156a753b108ee9dc
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d7624629ccf47135c65fef0701fa0d9a115b87f3

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacsec: sync features on RTM_NEWLINK\n\nSyzkaller managed to lock the lower device via ETHTOOL_SFEATURES:\n\n netdev_lock include/linux/netdevice.h:2761 [inline]\n netdev_lock_ops include/net/netdev_lock.h:42 [inline]\n netdev_sync_lower_features net/core/dev.c:10649 [inline]\n __netdev_update_features+0xcb1/0x1be0 net/core/dev.c:10819\n netdev_update_features+0x6d/0xe0 net/core/dev.c:10876\n macsec_notify+0x2f5/0x660 drivers/net/macsec.c:4533\n notifier_call_chain+0x1b3/0x3e0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2267 [inline]\n call_netdevice_notifiers net/core/dev.c:2281 [inline]\n netdev_features_change+0x85/0xc0 net/core/dev.c:1570\n __dev_ethtool net/ethtool/ioctl.c:3469 [inline]\n dev_ethtool+0x1536/0x19b0 net/ethtool/ioctl.c:3502\n dev_ioctl+0x392/0x1150 net/core/dev_ioctl.c:759\n\nIt happens because lower features are out of sync with the upper:\n\n  __dev_ethtool (real_dev)\n    netdev_lock_ops(real_dev)\n    ETHTOOL_SFEATURES\n      __netdev_features_change\n        netdev_sync_upper_features\n          disable LRO on the lower\n    if (old_features != dev-\u003efeatures)\n      netdev_features_change\n        fires NETDEV_FEAT_CHANGE\n\tmacsec_notify\n\t  NETDEV_FEAT_CHANGE\n\t    netdev_update_features (for each macsec dev)\n\t      netdev_sync_lower_features\n\t        if (upper_features != lower_features)\n\t          netdev_lock_ops(lower) # lower == real_dev\n\t\t  stuck\n\t\t  ...\n\n    netdev_unlock_ops(real_dev)\n\nPer commit af5f54b0ef9e (\"net: Lock lower level devices when updating\nfeatures\"), we elide the lock/unlock when the upper and lower features\nare synced. Makes sure the lower (real_dev) has proper features after\nthe macsec link has been created. This makes sure we never hit the\nsituation where we need to sync upper flags to the lower."
    }
  ],
  "id": "CVE-2025-39874",
  "lastModified": "2025-09-24T18:11:24.520",
  "metrics": {},
  "published": "2025-09-23T06:15:46.813",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/0f82c3ba66c6b2e3cde0f255156a753b108ee9dc"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d7624629ccf47135c65fef0701fa0d9a115b87f3"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

wid-sec-w-2025-2107

Vulnerability from csaf_certbund

Published

2025-09-22 22:00

Modified

2025-10-30 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder nicht näher beschriebene Auswirkungen zu erzielen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2107 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2107.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2107 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2107"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39867",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092357-CVE-2025-39867-51e2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39868",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092359-CVE-2025-39868-8245@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39869",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092359-CVE-2025-39869-6005@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39870",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092359-CVE-2025-39870-2af3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39871",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092300-CVE-2025-39871-3abe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39872",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092300-CVE-2025-39872-5102@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39873",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092300-CVE-2025-39873-94d3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39874",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092300-CVE-2025-39874-d462@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39875",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092300-CVE-2025-39875-6d27@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39876",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092300-CVE-2025-39876-3d4a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39877",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092301-CVE-2025-39877-1244@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39878",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092301-CVE-2025-39878-29db@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39879",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092301-CVE-2025-39879-3ed2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39880",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092301-CVE-2025-39880-17c5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39881",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092301-CVE-2025-39881-a4e1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39882",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092301-CVE-2025-39882-1d0a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39883",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092302-CVE-2025-39883-6015@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39884",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092302-CVE-2025-39884-1503@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39885",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092302-CVE-2025-39885-7e13@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39886",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092302-CVE-2025-39886-4bea@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39887",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092302-CVE-2025-39887-12f0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-39888",
        "url": "https://lore.kernel.org/linux-cve-announce/2025092303-CVE-2025-39888-3c85@gregkh/"
      },
      {
        "category": "external",
        "summary": "Google Container-Optimized OS release notes vom 2025-09-30",
        "url": "https://cloud.google.com/container-optimized-os/docs/release-notes#September_29_2025"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-20649 vom 2025-10-07",
        "url": "https://linux.oracle.com/errata/ELSA-2025-20649.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4328 vom 2025-10-13",
        "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03601-1 vom 2025-10-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022903.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03615-1 vom 2025-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BVPLWRQN6MVKFQDJSEKN2JP6PMSGIO4Q/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03614-1 vom 2025-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022911.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03600-1 vom 2025-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VHWHH7ZSMFJ6PQZ3CBDGGCWHNBCWD26Z/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03628-1 vom 2025-10-17",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O6BEPQBC4GULLYP5G3VVU4ZS37B7I6EV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03633-1 vom 2025-10-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022926.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03634-1 vom 2025-10-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022925.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:3716-1 vom 2025-10-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022962.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:3761-1 vom 2025-10-23",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MLTPAKCOQABZPEY7O35CI42PHK5WNIUQ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:3751-1 vom 2025-10-23",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NMB6RXALFYMRMM4UK7R54RAQRCZJEBH4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20861-1 vom 2025-10-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023019.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-20719 vom 2025-10-24",
        "url": "https://linux.oracle.com/errata/ELSA-2025-20719.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20851-1 vom 2025-10-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023025.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-109 vom 2025-10-27",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-109.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20870-1 vom 2025-10-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023060.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20898-1 vom 2025-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023116.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-10-30T23:00:00.000+00:00",
      "generator": {
        "date": "2025-10-31T09:28:35.576+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-2107",
      "initial_release_date": "2025-09-22T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-09-22T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-09-30T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-10-06T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-10-12T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-10-15T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-10-19T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-10-21T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-10-23T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-10-26T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
        },
        {
          "date": "2025-10-27T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Amazon und SUSE aufgenommen"
        },
        {
          "date": "2025-10-30T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "11"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Google Container-Optimized OS",
            "product": {
              "name": "Google Container-Optimized OS",
              "product_id": "1607324",
              "product_identification_helper": {
                "cpe": "cpe:/o:google:container-optimized_os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Google"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T028463",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:unspecified"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-49202",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49202"
    },
    {
      "cve": "CVE-2022-49205",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49205"
    },
    {
      "cve": "CVE-2022-49214",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49214"
    },
    {
      "cve": "CVE-2022-49222",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49222"
    },
    {
      "cve": "CVE-2022-49228",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49228"
    },
    {
      "cve": "CVE-2022-49234",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49234"
    },
    {
      "cve": "CVE-2022-49244",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49244"
    },
    {
      "cve": "CVE-2022-49245",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49245"
    },
    {
      "cve": "CVE-2022-49246",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49246"
    },
    {
      "cve": "CVE-2022-49248",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49248"
    },
    {
      "cve": "CVE-2022-49249",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49249"
    },
    {
      "cve": "CVE-2022-49250",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49250"
    },
    {
      "cve": "CVE-2022-49251",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49251"
    },
    {
      "cve": "CVE-2022-49252",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49252"
    },
    {
      "cve": "CVE-2022-49253",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49253"
    },
    {
      "cve": "CVE-2022-49254",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49254"
    },
    {
      "cve": "CVE-2022-49256",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49256"
    },
    {
      "cve": "CVE-2022-49257",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49257"
    },
    {
      "cve": "CVE-2022-49261",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49261"
    },
    {
      "cve": "CVE-2022-49262",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49262"
    },
    {
      "cve": "CVE-2022-49263",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49263"
    },
    {
      "cve": "CVE-2022-49268",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49268"
    },
    {
      "cve": "CVE-2022-49271",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49271"
    },
    {
      "cve": "CVE-2022-49272",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49272"
    },
    {
      "cve": "CVE-2022-49274",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49274"
    },
    {
      "cve": "CVE-2022-49278",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49278"
    },
    {
      "cve": "CVE-2022-49283",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49283"
    },
    {
      "cve": "CVE-2022-49285",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49285"
    },
    {
      "cve": "CVE-2022-49286",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49286"
    },
    {
      "cve": "CVE-2022-49289",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49289"
    },
    {
      "cve": "CVE-2022-49292",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49292"
    },
    {
      "cve": "CVE-2022-49320",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49320"
    },
    {
      "cve": "CVE-2022-49325",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49325"
    },
    {
      "cve": "CVE-2022-49330",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49330"
    },
    {
      "cve": "CVE-2022-49337",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49337"
    },
    {
      "cve": "CVE-2022-49339",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49339"
    },
    {
      "cve": "CVE-2022-49345",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49345"
    },
    {
      "cve": "CVE-2022-49347",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49347"
    },
    {
      "cve": "CVE-2022-49350",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49350"
    },
    {
      "cve": "CVE-2022-49379",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49379"
    },
    {
      "cve": "CVE-2022-49393",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49393"
    },
    {
      "cve": "CVE-2022-49396",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49396"
    },
    {
      "cve": "CVE-2022-49397",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49397"
    },
    {
      "cve": "CVE-2022-49401",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49401"
    },
    {
      "cve": "CVE-2022-49407",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49407"
    },
    {
      "cve": "CVE-2022-49409",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49409"
    },
    {
      "cve": "CVE-2022-49415",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49415"
    },
    {
      "cve": "CVE-2022-49417",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49417"
    },
    {
      "cve": "CVE-2022-49421",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2022-49421"
    },
    {
      "cve": "CVE-2025-10843",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-10843"
    },
    {
      "cve": "CVE-2025-39867",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39867"
    },
    {
      "cve": "CVE-2025-39868",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39868"
    },
    {
      "cve": "CVE-2025-39869",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39869"
    },
    {
      "cve": "CVE-2025-39870",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39870"
    },
    {
      "cve": "CVE-2025-39871",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39871"
    },
    {
      "cve": "CVE-2025-39872",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39872"
    },
    {
      "cve": "CVE-2025-39873",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39873"
    },
    {
      "cve": "CVE-2025-39874",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39874"
    },
    {
      "cve": "CVE-2025-39875",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39875"
    },
    {
      "cve": "CVE-2025-39876",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39876"
    },
    {
      "cve": "CVE-2025-39877",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39877"
    },
    {
      "cve": "CVE-2025-39878",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39878"
    },
    {
      "cve": "CVE-2025-39879",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39879"
    },
    {
      "cve": "CVE-2025-39880",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39880"
    },
    {
      "cve": "CVE-2025-39881",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39881"
    },
    {
      "cve": "CVE-2025-39882",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39882"
    },
    {
      "cve": "CVE-2025-39883",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39883"
    },
    {
      "cve": "CVE-2025-39884",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39884"
    },
    {
      "cve": "CVE-2025-39885",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39885"
    },
    {
      "cve": "CVE-2025-39886",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39886"
    },
    {
      "cve": "CVE-2025-39887",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39887"
    },
    {
      "cve": "CVE-2025-39888",
      "product_status": {
        "known_affected": [
          "T028463",
          "2951",
          "T002207",
          "398363",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2025-09-22T22:00:00.000+00:00",
      "title": "CVE-2025-39888"
    }
  ]
}

ghsa-rmcq-9vcc-9423

Vulnerability from github

Published

2025-09-23 06:30

Modified

2025-09-23 06:30

Details

In the Linux kernel, the following vulnerability has been resolved:

macsec: sync features on RTM_NEWLINK

Syzkaller managed to lock the lower device via ETHTOOL_SFEATURES:

netdev_lock include/linux/netdevice.h:2761 [inline] netdev_lock_ops include/net/netdev_lock.h:42 [inline] netdev_sync_lower_features net/core/dev.c:10649 [inline] __netdev_update_features+0xcb1/0x1be0 net/core/dev.c:10819 netdev_update_features+0x6d/0xe0 net/core/dev.c:10876 macsec_notify+0x2f5/0x660 drivers/net/macsec.c:4533 notifier_call_chain+0x1b3/0x3e0 kernel/notifier.c:85 call_netdevice_notifiers_extack net/core/dev.c:2267 [inline] call_netdevice_notifiers net/core/dev.c:2281 [inline] netdev_features_change+0x85/0xc0 net/core/dev.c:1570 __dev_ethtool net/ethtool/ioctl.c:3469 [inline] dev_ethtool+0x1536/0x19b0 net/ethtool/ioctl.c:3502 dev_ioctl+0x392/0x1150 net/core/dev_ioctl.c:759

It happens because lower features are out of sync with the upper:

__dev_ethtool (real_dev) netdev_lock_ops(real_dev) ETHTOOL_SFEATURES __netdev_features_change netdev_sync_upper_features disable LRO on the lower if (old_features != dev->features) netdev_features_change fires NETDEV_FEAT_CHANGE macsec_notify NETDEV_FEAT_CHANGE netdev_update_features (for each macsec dev) netdev_sync_lower_features if (upper_features != lower_features) netdev_lock_ops(lower) # lower == real_dev stuck ...

netdev_unlock_ops(real_dev)

Per commit af5f54b0ef9e ("net: Lock lower level devices when updating features"), we elide the lock/unlock when the upper and lower features are synced. Makes sure the lower (real_dev) has proper features after the macsec link has been created. This makes sure we never hit the situation where we need to sync upper flags to the lower.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-39874"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-23T06:15:46Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacsec: sync features on RTM_NEWLINK\n\nSyzkaller managed to lock the lower device via ETHTOOL_SFEATURES:\n\n netdev_lock include/linux/netdevice.h:2761 [inline]\n netdev_lock_ops include/net/netdev_lock.h:42 [inline]\n netdev_sync_lower_features net/core/dev.c:10649 [inline]\n __netdev_update_features+0xcb1/0x1be0 net/core/dev.c:10819\n netdev_update_features+0x6d/0xe0 net/core/dev.c:10876\n macsec_notify+0x2f5/0x660 drivers/net/macsec.c:4533\n notifier_call_chain+0x1b3/0x3e0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2267 [inline]\n call_netdevice_notifiers net/core/dev.c:2281 [inline]\n netdev_features_change+0x85/0xc0 net/core/dev.c:1570\n __dev_ethtool net/ethtool/ioctl.c:3469 [inline]\n dev_ethtool+0x1536/0x19b0 net/ethtool/ioctl.c:3502\n dev_ioctl+0x392/0x1150 net/core/dev_ioctl.c:759\n\nIt happens because lower features are out of sync with the upper:\n\n  __dev_ethtool (real_dev)\n    netdev_lock_ops(real_dev)\n    ETHTOOL_SFEATURES\n      __netdev_features_change\n        netdev_sync_upper_features\n          disable LRO on the lower\n    if (old_features != dev-\u003efeatures)\n      netdev_features_change\n        fires NETDEV_FEAT_CHANGE\n\tmacsec_notify\n\t  NETDEV_FEAT_CHANGE\n\t    netdev_update_features (for each macsec dev)\n\t      netdev_sync_lower_features\n\t        if (upper_features != lower_features)\n\t          netdev_lock_ops(lower) # lower == real_dev\n\t\t  stuck\n\t\t  ...\n\n    netdev_unlock_ops(real_dev)\n\nPer commit af5f54b0ef9e (\"net: Lock lower level devices when updating\nfeatures\"), we elide the lock/unlock when the upper and lower features\nare synced. Makes sure the lower (real_dev) has proper features after\nthe macsec link has been created. This makes sure we never hit the\nsituation where we need to sync upper flags to the lower.",
  "id": "GHSA-rmcq-9vcc-9423",
  "modified": "2025-09-23T06:30:27Z",
  "published": "2025-09-23T06:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39874"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0f82c3ba66c6b2e3cde0f255156a753b108ee9dc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d7624629ccf47135c65fef0701fa0d9a115b87f3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-39874 (GCVE-0-2025-39874)

Vulnerability from cvelistv5

fkie_cve-2025-39874

Vulnerability from fkie_nvd

wid-sec-w-2025-2107

Vulnerability from csaf_certbund

ghsa-rmcq-9vcc-9423

Vulnerability from github

Tags

Sightings

Nomenclature