CVE-2026-43147

UNKNOWN 0.0

Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV"

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" This reverts commit 05703271c3cd ("PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV"), which causes a deadlock by recursively taking pci_rescan_remove_lock when sriov_del_vfs() is called as part of pci_stop_and_remove_bus_device(). For example with the following sequence of commands: $ echo <NUM> > /sys/bus/pci/devices/<pf>/sriov_numvfs $ echo 1 > /sys/bus/pci/devices/<pf>/remove A trimmed trace of the deadlock on a mlx5 device is as below: zsh/5715 is trying to acquire lock: 000002597926ef50 (pci_rescan_remove_lock){+.+.}-{3:3}, at: sriov_disable+0x34/0x140 but task is already holding lock: 000002597926ef50 (pci_rescan_remove_lock){+.+.}-{3:3}, at: pci_stop_and_remove_bus_device_locked+0x24/0x80 ... Call Trace: [<00000259778c4f90>] dump_stack_lvl+0xc0/0x110 [<00000259779c844e>] print_deadlock_bug+0x31e/0x330 [<00000259779c1908>] __lock_acquire+0x16c8/0x32f0 [<00000259779bffac>] lock_acquire+0x14c/0x350 [<00000259789643a6>] __mutex_lock_common+0xe6/0x1520 [<000002597896413c>] mutex_lock_nested+0x3c/0x50 [<00000259784a07e4>] sriov_disable+0x34/0x140 [<00000258f7d6dd80>] mlx5_sriov_disable+0x50/0x80 [mlx5_core] [<00000258f7d5745e>] remove_one+0x5e/0xf0 [mlx5_core] [<00000259784857fc>] pci_device_remove+0x3c/0xa0 [<000002597851012e>] device_release_driver_internal+0x18e/0x280 [<000002597847ae22>] pci_stop_bus_device+0x82/0xa0 [<000002597847afce>] pci_stop_and_remove_bus_device_locked+0x5e/0x80 [<00000259784972c2>] remove_store+0x72/0x90 [<0000025977e6661a>] kernfs_fop_write_iter+0x15a/0x200 [<0000025977d7241c>] vfs_write+0x24c/0x300 [<0000025977d72696>] ksys_write+0x86/0x110 [<000002597895b61c>] __do_syscall+0x14c/0x400 [<000002597896e0ee>] system_call+0x6e/0x90 This alone is not a complete fix as it restores the issue the cited commit tried to solve. A new fix will be provided as a follow on.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 6, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1e8a80290f964bdbad225221c8a1594c7e01c8fd < f61cdd7e9b67bb8961b0a81bf294b78343e5db05 a645ca21de09e3137cbb224fa6c23cca873a1d01 < 0de341b2365bad430aade0853fe09c2cbe468f59 a24219172456f035d886857e265ca24c85b167c8 < 83651d37474c762920e345a3a0828f975ca4d732 36039348bca77828bf06eae41b8f76e38cd15847 < 639265296fe6ee21b6f00e00ee2bab65f3b07252 53154cd40ccf285f1d1c24367824082061d155bd < d47f27e145f8bd13f3c230da5e3af29225b4a2f7 05703271c3cdcc0f2a8cf6ebdc45892b8ca83520 < 40f67686a5002c0c322fac918406bbc8d9c2ec2f 05703271c3cdcc0f2a8cf6ebdc45892b8ca83520 < 58677783c89681871077f50a7042b0c6380c4fd8 05703271c3cdcc0f2a8cf6ebdc45892b8ca83520 < 2fa119c0e5e528453ebae9e70740e8d2d8c0ed5a 5c1cd7d405e94dc6cb320cc0cc092b74895b6ddf ee40e5db052d7c6f406fdb95ad639c894c74674c

Linux / Linux

6.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗