Linux Kernel fbnic Driver Phylink Resume Locking Assertion Vulnerability

A vulnerability in the Linux kernel's fbnic driver was introduced by improper handling of the phylink resume process during power management transitions. This issue caused a locking assertion failure, as the phylink interface was brought online after enabling the service task without holding the required lock. The vulnerability affects Linux kernel versions through 6.17.0-rc2.

Impact

The vulnerability could lead to a locking assertion failure, disrupting the normal operation of the fbnic driver and potentially causing issues in network interface management.

Reproduction

The vulnerability can be reproduced by putting a system to sleep and then waking it up, which triggers the phylink resume process. This can be done using the 'echo mem > /sys/power/state' command to put the system to sleep, followed by 'system_wakeup' in the QEMU monitor.

Remediation

The vulnerability has been addressed by moving the phylink resume call to the appropriate stage in the network interface open process, ensuring that the correct locking is maintained. Users should update to the latest version of the Linux kernel where this fix has been applied.