PT-2025-39131 · Linux+1 · Linux Kernel+1

Published 2025-09-08 · Updated 2025-12-12 · CVE-2025-39874

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw related to MACsec feature synchronization on RTM_NEWLINK events. Syzkaller identified a condition where the lower network device could become locked when using ETHTOOL_SFEATURES. This occurs because the upper and lower features are out of sync, leading to a deadlock during feature updates. The issue arises from a race condition when updating network features, specifically within the netdev_sync_lower_features function, potentially causing the system to hang. The vulnerability is triggered when attempting to synchronize features between the upper and lower layers of a network device, specifically during MACsec link creation. The netdev_lock_ops function is involved in the locking mechanism that can lead to the deadlock.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Improper Locking

Related Identifiers

BDU:2025-13895
CVE-2025-39874

Affected Products

Astra Linux
Linux Kernel