CVE-2025-21951

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A deadlock scenario can occur in the Linux kernel when the device is not alive during recovery work, causing the recovery work to stall while waiting for the device lock. This issue is observed on the X1E80100 CRD device during the PM shutdown() callback and can also occur on other paths, such as during the PM suspend() callback. The problem arises when the driver core holds the device lock before calling the driver's shutdown() or suspend() callback, and the recovery work is already started. To fix this issue, the pci try reset function() function is used in recovery work, which checks for the availability of the device lock before trying to reset the device.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this problem. As a temporary workaround, consider modifying the recovery work to use pci try reset function() to avoid deadlock. Restrict access to the recovery work function to minimize the risk of exploitation.