CVE-2025-38720
📋 TL;DR
A race condition in the Linux kernel's hibmcge network driver causes a deadlock when PCI bus reset operations occur, potentially leading to system instability or denial of service. This affects systems using the hibmcge driver for HiSilicon network adapters. The vulnerability requires local access or ability to trigger PCI error recovery mechanisms.
💻 Affected Systems
- Linux kernel with hibmcge driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System deadlock requiring hard reboot, causing extended downtime and potential data loss in critical systems.
Likely Case
Network interface becomes unresponsive, requiring driver reload or system restart to restore functionality.
If Mitigated
Minor performance impact during PCI error recovery with no persistent system damage.
🎯 Exploit Status
Exploitation requires triggering PCI error recovery, which could be done through hardware manipulation, driver bugs, or potentially malicious DMA operations.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits 1343a8994ca7dba78f5dd818e89d68331c21c35d, c875503a9b9082928d7d3fc60b5400d16fbfae4e, or d85a6346fd6f595c4914205762d0cdf35c004a5e
Vendor Advisory: https://git.kernel.org/stable/c/1343a8994ca7dba78f5dd818e89d68331c21c35d
Restart Required: No
Instructions:
1. Update to a patched kernel version from your distribution. 2. For custom kernels, apply the relevant commit from kernel.org. 3. Rebuild and install the kernel. 4. Load the updated hibmcge driver module.
🔧 Temporary Workarounds
Disable hibmcge driver
allRemove or blacklist the hibmcge driver if HiSilicon network adapters are not needed
echo 'blacklist hibmcge' >> /etc/modprobe.d/blacklist.conf
rmmod hibmcge
Disable PCI error recovery
allPrevent PCI error recovery from triggering the deadlock condition
echo 0 > /sys/bus/pci/devices/*/remove
echo 1 > /sys/bus/pci/rescan
🧯 If You Can't Patch
- Monitor system logs for PCI error messages and hibmcge driver issues
- Implement redundancy for critical network services using hibmcge adapters
🔍 How to Verify
Check if Vulnerable:
Check if hibmcge module is loaded: lsmod | grep hibmcge. Check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes the fix commits. Test PCI error recovery on hibmcge devices.📡 Detection & Monitoring
Log Indicators:
- Kernel messages about rtnl deadlock
- PCI error recovery messages
- hibmcge driver reset failures
- System hang or unresponsive network interfaces
Network Indicators:
- Sudden loss of network connectivity on hibmcge interfaces
- Increased network timeouts
SIEM Query:
source="kernel" AND ("rtnl" OR "deadlock" OR "hibmcge" OR "PCI error")