Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A vulnerability in the Linux kernel's ravb network driver has been fixed by ensuring that the rtnl lock is held during the driver's suspend and resume paths. Without the lock, suspend/resume could conflict with ongoing ndo (net_device_ops) operations, leading to issues such as a "suspicious RCU usage" warning. The vulnerability was identified on the Renesas SMARC EVK version 2, running Linux kernel version 6.13.0-rc7-next-20250116.
Failure to hold the rtnl lock during the suspend/resume process can lead to conflicts with network device operations, potentially causing instability or unexpected behavior in the network stack.
The vulnerability can be reproduced by suspending and resuming a device that uses the ravb network driver on a kernel where the suspend/resume path does not take the rtnl lock, which can trigger a warning about suspicious RCU usage. The warning indicates that the driver's operations are not properly synchronized, potentially leading to conflicts or instability.
Users should update to the latest version of the Linux kernel where this vulnerability has been fixed.