CVE-2025-21701: Resolved Linux Kernel Vulnerability in net: Avoid Race Between Device Unregistration and ethnl ops

In the Linux kernel, a vulnerability has been found and resolved, which belongs to the net subsystem. The issue stems from a race condition between device unregistration and ethnl operations. This vulnerability will be assigned as CVE-2025-21701 for future references and tracking purposes, as it can lead to potential system issues or security risks.

A trace of the vulnerability can be seen if a device is being unregistered while its number of channels is being modified simultaneously. The Linux kernel would throw a warning with details about the lock, PID, CPU, and several function calls related to the ethnl operations and device unregistration.

This issue occurs because the unregister_netdevice_many_notify function might run before the rtnl lock section of ethnl operations. Running ethnl operations while the device dismantling process has started might, in general, result in unexpected behaviors. In the given example, this would lead to the rss lock being destroyed before it is used again.

To fix this vulnerability, any operation on devices being unregistered must be denied. There was already a check for this in the ethnl_ops_begin function, but it was not significant enough to cover all scenarios.

It should be noted that this issue cannot be seen on the ioctl version (__dev_ethtool) as the device reference is retrieved from within the rtnl lock section there. Once the dismantling process has started, the net device is unlisted, and no reference will be found.

Original References

- Linux Kernel commit fixing the vulnerability
- Linux Kernel Mailing List (LKML) discussion about the issue

Exploit Details

Currently, there are no known exploits taking advantage of this vulnerability. However, it is essential to update Linux Kernel to the latest version or apply necessary patches to ensure the systems are not vulnerable to any attacks leveraging this issue in the future.

In conclusion, CVE-2025-21701 is a resolved vulnerability in the Linux kernel that pertains to a race condition between device unregistration and ethnl operations. Systems running affected versions of the Linux kernel should be updated or patched as soon as possible to avoid potential risks associated with this vulnerability.

Timeline

Published on: 02/13/2025 15:15:20 UTC
Last modified on: 03/24/2025 15:39:01 UTC