Bug 2493699 (CVE-2026-53323) - CVE-2026-53323 kernel: net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops
Summary: CVE-2026-53323 kernel: net: dsa: remove redundant netdev_lock_ops() from cond...
Keywords:
Status: NEW
Alias: CVE-2026-53323
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-06-26 21:01 UTC by OSIDB Bzimport
Modified: 2026-06-29 11:16 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description OSIDB Bzimport 2026-06-26 21:01:25 UTC
In the Linux kernel, the following vulnerability has been resolved:

net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops

DSA replaces the conduit (master) device's ethtool_ops with its own
wrappers that aggregate stats from both the conduit and DSA switch
ports. Taking the lock again inside the DSA wrappers causes a deadlock.

Stumbled upon this when booting qemu with fbnic and CONFIG_NET_DSA_LOOP=y
(which looks like some kind of testing device that auto-populates the ports
of eth0). `ethtool -i` is enough to deadlock. This means we have basically zero
coverage for DSA stuff with real ops locked devs.

Remove the redundant netdev_lock_ops()/netdev_unlock_ops() calls from
the DSA conduit ethtool wrappers.

Comment 1 Mauro Matteo Cascella 2026-06-29 11:10:16 UTC
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026062623-CVE-2026-53323-7827@gregkh/T


Note You need to log in before you can comment on or make changes to this bug.