CVE-2026-46165
Description
In the Linux kernel, the following vulnerability has been resolved:
openvswitch: vport: fix self-deadlock on release of tunnel ports
vports are used concurrently and protected by RCU, so netdev_put() must happen after the RCU grace period. So, either in an RCU call or after the synchronize_net(). The rtnl_delete_link() must happen under RTNL and so can't be executed in RCU context. Calling synchronize_net() while holding RTNL is not a good idea for performance and system stability under load in general, so calling netdev_put() in RCU call is the right solution here.
However, when the device is deleted, rtnl_unlock() will call netdev_run_todo() and block until all the references are gone. In the current code this means that we never reach the call_rcu() and the vport is never freed and the reference is never released, causing a self-deadlock on device removal.
Fix that by moving the rcu_call() before the rtnl_unlock(), so the scheduled RCU callback will be executed when synchronize_net() is called from the rtnl_unlock()->netdev_run_todo() while the RTNL itself is already released.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.1.168,<6.1.175
- cpe:2.3:o:linux:linux_kernel:7.0:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
6- git.kernel.org/stable/c/366c482965c673565ecb8bcfb15d5548f13a6a10nvdPatch
- git.kernel.org/stable/c/3df75fff46b1517eb479d8e6b8e3500763715dd0nvdPatch
- git.kernel.org/stable/c/6522d59fb7de55ce0f0f285d962243ddffebb01fnvdPatch
- git.kernel.org/stable/c/8ae6c15fc473c9ad03b0173330cce9a092c76154nvdPatch
- git.kernel.org/stable/c/aa69918bd418e700309fdd08509dba324fb24296nvdPatch
- git.kernel.org/stable/c/c741433f6c8dcdecd1d9549d89053761fd1ea413nvdPatch
News mentions
0No linked articles in our index yet.