CVE-2025-21951: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock

There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for the recovery to be completed. One such place is during the PM shutdown() callback.

If the device is not alive during recovery_work, it will try to reset the device using pci_reset_function(). This function internally will take the device_lock() first before resetting the device. By this time, if the lock has already been acquired, then recovery_work will get stalled while waiting for the lock. And if the lock was already acquired by the caller which waits for the recovery_work to be completed, it will lead to deadlock.

This is what happened on the X1E80100 CRD device when the device died before shutdown() callback. Driver core calls the driver's shutdown() callback while holding the device_lock() leading to deadlock.

And this deadlock scenario can occur on other paths as well, like during the PM suspend() callback, where the driver core would hold the device_lock() before calling driver's suspend() callback. And if the recovery_work was already started, it could lead to deadlock. This is also observed on the X1E80100 CRD.

So to fix both issues, use pci_try_reset_function() in recovery_work. This function first checks for the availability of the device_lock() before trying to reset the device. If the lock is available, it will acquire it and reset the device. Otherwise, it will return -EAGAIN. If that happens, recovery_work will fail with the error message "Recovery failed" as not much could be done.
AI Analysis
Technical Summary
CVE-2025-21951 is a vulnerability in the Linux kernel affecting the PCI subsystem, specifically related to the MHI (Modem Host Interface) host driver and its handling of device recovery during power management operations. The issue is a deadlock caused by improper locking when resetting PCI devices during asynchronous recovery work.

The Linux kernel schedules recovery work asynchronously in multiple places, but some callers wait synchronously for this recovery to complete, such as during the power management shutdown() and suspend() callbacks. During these callbacks, the driver core holds the device_lock() while invoking the driver's shutdown() or suspend() callback. If the device has failed or is not alive, the recovery work attempts to reset the device using pci_reset_function(), which requires acquiring the same device_lock(). If the lock is already held by the caller waiting for recovery to finish, the recovery work stalls waiting for the lock, causing a deadlock. This deadlock was observed on the X1E80100 CRD device but could potentially affect other devices using similar recovery and power management sequences.

The fix replaces pci_reset_function() with pci_try_reset_function() in the recovery work. pci_try_reset_function() attempts to acquire the device_lock() without blocking and returns -EAGAIN if the lock is unavailable, so the recovery work fails gracefully with an error message instead of deadlocking. This avoids the circular wait, but it means recovery may fail if the lock cannot be acquired immediately.

This vulnerability highlights the complexity of asynchronous recovery and synchronous power management interactions in kernel device drivers and the importance of careful lock management to avoid system hangs or crashes.
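The circular wait described above, modelled in user space as an added example (it is not kernel code and not taken from the patch). A pthread mutex stands in for device_lock(); model_recovery(), struct work and the 1-second timeout are assumptions of this sketch, and the blocking path returns -ETIMEDOUT at the point where the kernel would hang.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pthread.h>
#include <stdio.h>
#include <time.h>

/* Constructed stand-in for the kernel's per-device device_lock(). */
static pthread_mutex_t device_lock = PTHREAD_MUTEX_INITIALIZER;
struct work { int use_try; int result; };

/* Models recovery_work resetting a dead device. */
static void *recovery_work(void *arg)
{
    struct work *w = arg;
    struct timespec ts;
    int err;
    clock_gettime(CLOCK_REALTIME, &ts);
    ts.tv_sec += 1;     /* timeout exists only so the model terminates */
    if (w->use_try)     /* like pci_try_reset_function(): never waits */
        err = pthread_mutex_trylock(&device_lock) ? -EAGAIN : 0;
    else                /* like pci_reset_function(): waits for the lock */
        err = pthread_mutex_timedlock(&device_lock, &ts) ? -ETIMEDOUT : 0;
    if (!err)
        pthread_mutex_unlock(&device_lock);  /* "reset" done, drop lock */
    w->result = err;
    return NULL;
}

/* caller_holds_lock=1 models shutdown()/suspend(): the driver core holds
 * device_lock while the callback waits for recovery_work to finish. */
int model_recovery(int caller_holds_lock, int use_try)
{
    struct work w = { use_try, 0 };
    pthread_t t;
    if (caller_holds_lock)
        pthread_mutex_lock(&device_lock);
    pthread_create(&t, NULL, recovery_work, &w);
    pthread_join(t, NULL);          /* synchronous wait for recovery */
    if (caller_holds_lock)
        pthread_mutex_unlock(&device_lock);
    return w.result;
}

int main(void)
{
    printf("held+blocking=%d held+try=%d free+try=%d\n",
           model_recovery(1, 0), model_recovery(1, 1), model_recovery(0, 1));
    return 0;
}
```

Build with `cc -pthread`. With the lock held by the waiting caller, only the try variant lets the wait finish without depending on a timeout.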
Potential Impact
For European organizations relying on Linux-based systems, especially those using hardware with PCI devices managed by the MHI host driver or similar drivers, this vulnerability can lead to system deadlocks during shutdown or suspend operations. This can cause unresponsive systems, forced reboots, or data loss if devices fail to reset properly. Critical infrastructure, telecommunications equipment, and industrial control systems running Linux kernels with affected versions could experience operational disruptions. The deadlock can impact system availability and reliability, potentially affecting service continuity. Since the issue occurs during power management callbacks, it may be triggered during routine maintenance or power state changes, increasing the risk of unexpected downtime. Organizations with large Linux server deployments or embedded Linux devices in production environments should be aware of this risk. Although no known exploits are reported in the wild, the vulnerability could be triggered by device failures or specific hardware conditions, making it a concern for stability and uptime in sensitive environments.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should:
1) Apply the official Linux kernel patches that replace pci_reset_function() with pci_try_reset_function() in the recovery work to prevent deadlocks.
2) Test updated kernel versions in staging environments to ensure compatibility with existing hardware, especially devices similar to the X1E80100 CRD.
3) Monitor system logs for "Recovery failed" error messages, which may signal that a device reset was attempted but the lock could not be acquired.
4) Implement robust hardware monitoring and predictive failure analysis to detect device issues before triggering recovery work.
5) Avoid forced shutdowns or suspends during critical operations to reduce the chance of triggering the deadlock.
6) For embedded or specialized Linux systems, coordinate with hardware vendors to confirm firmware and driver compatibility with patched kernels.
7) Maintain regular kernel updates as part of patch management to incorporate ongoing fixes for related PCI and power management issues.
These steps go beyond generic advice by focusing on kernel patching, hardware compatibility testing, and proactive monitoring tailored to this specific deadlock scenario.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-12-29T08:45:45.790Z
- CISA Enriched: false
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9833c4522896dcbe8cce
Added to database: 5/21/2025, 9:09:07 AM
Last enriched: 6/30/2025, 11:10:11 AM
Last updated: 8/17/2025, 4:31:16 PM