cve/published/2025/CVE-2025-21951.json - pub/scm/linux/security/vulns - Git at Google

 {
    "containers": {
       "cna": {
          "providerMetadata": {
             "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
          },
          "descriptions": [
             {
                "lang": "en",
                "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock\n\nThere are multiple places from where the recovery work gets scheduled\nasynchronously. Also, there are multiple places where the caller waits\nsynchronously for the recovery to be completed. One such place is during\nthe PM shutdown() callback.\n\nIf the device is not alive during recovery_work, it will try to reset the\ndevice using pci_reset_function(). This function internally will take the\ndevice_lock() first before resetting the device. By this time, if the lock\nhas already been acquired, then recovery_work will get stalled while\nwaiting for the lock. And if the lock was already acquired by the caller\nwhich waits for the recovery_work to be completed, it will lead to\ndeadlock.\n\nThis is what happened on the X1E80100 CRD device when the device died\nbefore shutdown() callback. Driver core calls the driver's shutdown()\ncallback while holding the device_lock() leading to deadlock.\n\nAnd this deadlock scenario can occur on other paths as well, like during\nthe PM suspend() callback, where the driver core would hold the\ndevice_lock() before calling driver's suspend() callback. And if the\nrecovery_work was already started, it could lead to deadlock. This is also\nobserved on the X1E80100 CRD.\n\nSo to fix both issues, use pci_try_reset_function() in recovery_work. This\nfunction first checks for the availability of the device_lock() before\ntrying to reset the device. If the lock is available, it will acquire it\nand reset the device. Otherwise, it will return -EAGAIN. If that happens,\nrecovery_work will fail with the error message \"Recovery failed\" as not\nmuch could be done."
             }
          ],
          "affected": [
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "unaffected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "programFiles": [
                   "drivers/bus/mhi/host/pci_generic.c"
                ],
                "versions": [
                   {
                      "version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
                      "lessThan": "7746f3bb8917fccb4571a576f3837d80fc513054",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
                      "lessThan": "7a5ffadd54fe2662f5c99cdccf30144d060376f7",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
                      "lessThan": "1f9eb7078bc6b5fb5cbfbcb37c4bc01685332b95",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
                      "lessThan": "985d3cf56d8745ca637deee273929e01df449f85",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
                      "lessThan": "62505657475c245c9cd46e42ac01026d1e61f027",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
                      "lessThan": "a321d163de3d8aa38a6449ab2becf4b1581aed96",
                      "status": "affected",
                      "versionType": "git"
                   }
                ]
             },
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "affected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "programFiles": [
                   "drivers/bus/mhi/host/pci_generic.c"
                ],
                "versions": [
                   {
                      "version": "5.12",
                      "status": "affected"
                   },
                   {
                      "version": "0",
                      "lessThan": "5.12",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "5.15.179",
                      "lessThanOrEqual": "5.15.*",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.1.131",
                      "lessThanOrEqual": "6.1.*",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.6.83",
                      "lessThanOrEqual": "6.6.*",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.12.19",
                      "lessThanOrEqual": "6.12.*",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.13.7",
                      "lessThanOrEqual": "6.13.*",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.14",
                      "lessThanOrEqual": "*",
                      "status": "unaffected",
                      "versionType": "original_commit_for_fix"
                   }
                ]
             }
          ],
          "cpeApplicability": [
             {
                "nodes": [
                   {
                      "operator": "OR",
                      "negate": false,
                      "cpeMatch": [
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "5.12",
                            "versionEndExcluding": "5.15.179"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "5.12",
                            "versionEndExcluding": "6.1.131"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "5.12",
                            "versionEndExcluding": "6.6.83"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "5.12",
                            "versionEndExcluding": "6.12.19"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "5.12",
                            "versionEndExcluding": "6.13.7"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "5.12",
                            "versionEndExcluding": "6.14"
                         }
                      ]
                   }
                ]
             }
          ],
          "references": [
             {
                "url": "https://git.kernel.org/stable/c/7746f3bb8917fccb4571a576f3837d80fc513054"
             },
             {
                "url": "https://git.kernel.org/stable/c/7a5ffadd54fe2662f5c99cdccf30144d060376f7"
             },
             {
                "url": "https://git.kernel.org/stable/c/1f9eb7078bc6b5fb5cbfbcb37c4bc01685332b95"
             },
             {
                "url": "https://git.kernel.org/stable/c/985d3cf56d8745ca637deee273929e01df449f85"
             },
             {
                "url": "https://git.kernel.org/stable/c/62505657475c245c9cd46e42ac01026d1e61f027"
             },
             {
                "url": "https://git.kernel.org/stable/c/a321d163de3d8aa38a6449ab2becf4b1581aed96"
             }
          ],
          "title": "bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock",
          "x_generator": {
             "engine": "bippy-1.2.0"
          }
       }
    },
    "cveMetadata": {
       "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
       "cveID": "CVE-2025-21951",
       "requesterUserId": "gregkh@kernel.org",
       "serial": "1",
       "state": "PUBLISHED"
    },
    "dataType": "CVE_RECORD",
    "dataVersion": "5.0"
 }
	{
	"containers": {
	"cna": {
	"providerMetadata": {
	"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
	},
	"descriptions": [
	{
	"lang": "en",
	"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock\n\nThere are multiple places from where the recovery work gets scheduled\nasynchronously. Also, there are multiple places where the caller waits\nsynchronously for the recovery to be completed. One such place is during\nthe PM shutdown() callback.\n\nIf the device is not alive during recovery_work, it will try to reset the\ndevice using pci_reset_function(). This function internally will take the\ndevice_lock() first before resetting the device. By this time, if the lock\nhas already been acquired, then recovery_work will get stalled while\nwaiting for the lock. And if the lock was already acquired by the caller\nwhich waits for the recovery_work to be completed, it will lead to\ndeadlock.\n\nThis is what happened on the X1E80100 CRD device when the device died\nbefore shutdown() callback. Driver core calls the driver's shutdown()\ncallback while holding the device_lock() leading to deadlock.\n\nAnd this deadlock scenario can occur on other paths as well, like during\nthe PM suspend() callback, where the driver core would hold the\ndevice_lock() before calling driver's suspend() callback. And if the\nrecovery_work was already started, it could lead to deadlock. This is also\nobserved on the X1E80100 CRD.\n\nSo to fix both issues, use pci_try_reset_function() in recovery_work. This\nfunction first checks for the availability of the device_lock() before\ntrying to reset the device. If the lock is available, it will acquire it\nand reset the device. Otherwise, it will return -EAGAIN. If that happens,\nrecovery_work will fail with the error message \"Recovery failed\" as not\nmuch could be done."
	}
	],
	"affected": [
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "unaffected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"programFiles": [
	"drivers/bus/mhi/host/pci_generic.c"
	],
	"versions": [
	{
	"version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
	"lessThan": "7746f3bb8917fccb4571a576f3837d80fc513054",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
	"lessThan": "7a5ffadd54fe2662f5c99cdccf30144d060376f7",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
	"lessThan": "1f9eb7078bc6b5fb5cbfbcb37c4bc01685332b95",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
	"lessThan": "985d3cf56d8745ca637deee273929e01df449f85",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
	"lessThan": "62505657475c245c9cd46e42ac01026d1e61f027",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "7389337f0a78ea099c47f0af08f64f20c52ab4ba",
	"lessThan": "a321d163de3d8aa38a6449ab2becf4b1581aed96",
	"status": "affected",
	"versionType": "git"
	}
	]
	},
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "affected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"programFiles": [
	"drivers/bus/mhi/host/pci_generic.c"
	],
	"versions": [
	{
	"version": "5.12",
	"status": "affected"
	},
	{
	"version": "0",
	"lessThan": "5.12",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "5.15.179",
	"lessThanOrEqual": "5.15.*",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.1.131",
	"lessThanOrEqual": "6.1.*",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.6.83",
	"lessThanOrEqual": "6.6.*",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.12.19",
	"lessThanOrEqual": "6.12.*",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.13.7",
	"lessThanOrEqual": "6.13.*",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.14",
	"lessThanOrEqual": "*",
	"status": "unaffected",
	"versionType": "original_commit_for_fix"
	}
	]
	}
	],
	"cpeApplicability": [
	{
	"nodes": [
	{
	"operator": "OR",
	"negate": false,
	"cpeMatch": [
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "5.12",
	"versionEndExcluding": "5.15.179"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "5.12",
	"versionEndExcluding": "6.1.131"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "5.12",
	"versionEndExcluding": "6.6.83"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "5.12",
	"versionEndExcluding": "6.12.19"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "5.12",
	"versionEndExcluding": "6.13.7"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "5.12",
	"versionEndExcluding": "6.14"
	}
	]
	}
	]
	}
	],
	"references": [
	{
	"url": "https://git.kernel.org/stable/c/7746f3bb8917fccb4571a576f3837d80fc513054"
	},
	{
	"url": "https://git.kernel.org/stable/c/7a5ffadd54fe2662f5c99cdccf30144d060376f7"
	},
	{
	"url": "https://git.kernel.org/stable/c/1f9eb7078bc6b5fb5cbfbcb37c4bc01685332b95"
	},
	{
	"url": "https://git.kernel.org/stable/c/985d3cf56d8745ca637deee273929e01df449f85"
	},
	{
	"url": "https://git.kernel.org/stable/c/62505657475c245c9cd46e42ac01026d1e61f027"
	},
	{
	"url": "https://git.kernel.org/stable/c/a321d163de3d8aa38a6449ab2becf4b1581aed96"
	}
	],
	"title": "bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock",
	"x_generator": {
	"engine": "bippy-1.2.0"
	}
	}
	},
	"cveMetadata": {
	"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
	"cveID": "CVE-2025-21951",
	"requesterUserId": "gregkh@kernel.org",
	"serial": "1",
	"state": "PUBLISHED"
	},
	"dataType": "CVE_RECORD",
	"dataVersion": "5.0"
	}