CVE-2025-38537
16.08.2025, 12:15
In the Linux kernel, the following vulnerability has been resolved:
net: phy: Don't register LEDs for genphy
If a PHY has no driver, the genphy driver is probed/removed directly in
phy_attach/detach. If the PHY's ofnode has an "leds" subnode, then the
LEDs will be (un)registered when probing/removing the genphy driver.
This could occur if the leds are for a non-generic driver that isn't
loaded for whatever reason. Synchronously removing the PHY device in
phy_detach leads to the following deadlock:
rtnl_lock()
ndo_close()
...
phy_detach()
phy_remove()
phy_leds_unregister()
led_classdev_unregister()
led_trigger_set()
netdev_trigger_deactivate()
unregister_netdevice_notifier()
rtnl_lock()
There is a corresponding deadlock on the open/register side of things
(and that one is reported by lockdep), but it requires a race while this
one is deterministic.
Generic PHYs do not support LEDs anyway, so don't bother registering
them.Enginsight| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.4 ≤ 𝑥 < 6.6.100 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.40 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.15.8 |
| linux | linux_kernel | 6.16:rc1 |
| linux | linux_kernel | 6.16:rc2 |
| linux | linux_kernel | 6.16:rc3 |
| linux | linux_kernel | 6.16:rc4 |
| linux | linux_kernel | 6.16:rc5 |
| linux | linux_kernel | 6.16:rc6 |
𝑥
= Vulnerable software versions
Debian Releases