Description
In the Linux kernel, the following vulnerability has been resolved:

net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops

DSA replaces the conduit (master) device's ethtool_ops with its own
wrappers that aggregate stats from both the conduit and DSA switch
ports. Taking the lock again inside the DSA wrappers causes a deadlock.

Stumbled upon this when booting qemu with fbnic and CONFIG_NET_DSA_LOOP=y
(which looks like some kind of testing device that auto-populates the ports
of eth0). `ethtool -i` is enough to deadlock. This means we have basically zero
coverage for DSA stuff with real ops locked devs.

Remove the redundant netdev_lock_ops()/netdev_unlock_ops() calls from
the DSA conduit ethtool wrappers.
Published: 2026-06-26
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A redundant locking call in the Linux kernel's DSA conduit ethtool wrapper causes a deadlock when the ethtool command is executed against the conduit device. The lock is held twice, which stalls all operations on the affected network device and can bring network functionality to a halt. The vulnerability does not compromise confidentiality or integrity; its impact is limited to availability of the network device, potentially causing a system‑wide network outage until the kernel is rebooted or the device is reset.

Affected Systems

The issue affects Linux kernels that enable the Data Switch Architecture (DSA) feature, especially configurations that use CONFIG_NET_DSA_LOOP or similar testing devices that auto-populate the ports of eth0. All distributions shipping the Linux kernel can be impacted if the DSA conduit implementation and the redundant lock calls are present. No specific version range is provided in the advisory.

Risk and Exploitability

The EPSS score is < 1% (approximately 0.00155), indicating a very low but non‑zero likelihood of exploitation. The vulnerability is not listed in CISA KEV, so its real‑world exploitation risk remains uncertain. The attack vector appears local, requiring an attacker to run ethtool against a device that is already running. An attacker who can trigger the ethtool command can cause a kernel‑level deadlock, disabling network services and potentially requiring a system reboot. The CVSS score of 5.5 indicates that the vulnerability is of moderate severity.

Generated by OpenCVE AI on June 29, 2026 at 15:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest patched kernel from the distribution or upstream that removes the redundant netdev_lock_ops calls in the DSA conduit ethtool wrappers.
  • If the system requires DSA but the CONFIG_NET_DSA_LOOP option or similar testing devices are not essential, disable that configuration in the kernel.
  • Monitor the network subsystem for signs of deadlock (e.g., repeated failures of ethtool commands) and, if necessary, restart affected network services or reboot the system.

Generated by OpenCVE AI on June 29, 2026 at 15:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 29 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-647

Mon, 29 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-764
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Fri, 26 Jun 2026 23:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-647

Fri, 26 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops DSA replaces the conduit (master) device's ethtool_ops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again inside the DSA wrappers causes a deadlock. Stumbled upon this when booting qemu with fbnic and CONFIG_NET_DSA_LOOP=y (which looks like some kind of testing device that auto-populates the ports of eth0). `ethtool -i` is enough to deadlock. This means we have basically zero coverage for DSA stuff with real ops locked devs. Remove the redundant netdev_lock_ops()/netdev_unlock_ops() calls from the DSA conduit ethtool wrappers.
Title net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-26T19:41:13.926Z

Reserved: 2026-06-09T07:44:35.398Z

Link: CVE-2026-53323

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-26T00:00:00Z

Links: CVE-2026-53323 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-29T15:30:05Z

Weaknesses
  • CWE-764

    Multiple Locks of a Critical Resource