CVE-2025-38551
Linux Kernel vulnerability analysis and mitigation

Overview

A deadlock vulnerability (CVE-2025-38551) was discovered in the Linux kernel's virtio-net driver. The issue is in the driver's probe path, where a recursive rtnl_lock() call could occur. The vulnerability was published on August 16, 2025, and affects the Linux kernel's networking subsystem (NVD).

Technical details

The vulnerability manifests as a deadlock in the virtio-net driver during the probe operation. The issue occurs when a VMM sends a VIRTIO_NET_S_ANNOUNCE request while the virtio-net driver is still in its probing phase. The deadlock appears in a specific stack trace sequence: virtnet_probe() -> rtnl_lock() -> virtio_config_changed_work() -> netdev_notify_peers() -> rtnl_lock(). The config_work in probe() gets scheduled until virtnet_open() enables the config change notification via virtio_config_driver_enable() (NVD).
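A triage check for the call chain described above, added here as an example and not taken from the advisory or the kernel project: it scans hung-task reports in a kernel log for a task waiting on rtnl_lock() beneath netdev_notify_peers() and virtnet_probe(). The log excerpt is constructed, and the check assumes the hang surfaces as a hung-task report with symbolized frames.

```python
import re

# Function names come from the call chain quoted in the advisory.
LOCK, INNER, OUTER = "rtnl_lock", "netdev_notify_peers", "virtnet_probe"
# Constructed hung-task excerpt (not captured from a real system).
SAMPLE_LOG = """\
[  245.101] INFO: task modprobe:212 blocked for more than 120 seconds.
[  245.102] Call Trace:
[  245.103]  __mutex_lock+0x3c1/0x7d0
[  245.104]  rtnl_lock+0x12/0x20
[  245.105]  netdev_notify_peers+0x15/0x40
[  245.106]  virtio_config_changed_work+0x88/0x1f0
[  245.107]  virtnet_probe+0x9d1/0xe40
[  300.001] INFO: task kworker/1:2:77 blocked for more than 120 seconds.
[  300.002] Call Trace:
[  300.003]  __mutex_lock+0x3c1/0x7d0
[  300.004]  rtnl_lock+0x12/0x20
[  300.005]  linkwatch_event+0xe/0x30
"""

TASK_RE = re.compile(r"INFO: task (\S+?):(\d+) blocked for more than \d+ seconds")
FRAME_RE = re.compile(r"^(?:\[[^\]]*\])?\s*\??\s*([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def blocked_tasks(log):
    """Yield (comm, pid, frames) per hung-task report, innermost frame first."""
    current = None
    for line in log.splitlines():
        m = TASK_RE.search(line)
        if m:
            if current:
                yield current
            current = (m.group(1), int(m.group(2)), [])
        elif current and (f := FRAME_RE.match(line)):
            current[2].append(f.group(1))
    if current:
        yield current

def recursive_rtnl_in_probe(frames):
    """True if rtnl_lock() is awaited under netdev_notify_peers() under virtnet_probe()."""
    try:
        lock, inner, outer = (frames.index(n) for n in (LOCK, INNER, OUTER))
    except ValueError:
        return False  # one of the three frames is absent from this stack
    return lock < inner < outer

def scan(log):
    return [(c, p) for c, p, fr in blocked_tasks(log) if recursive_rtnl_in_probe(fr)]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

The second report in the sample also blocks on rtnl_lock() but is not flagged, because its stack does not pass through virtnet_probe().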

Impact

The vulnerability affects the Linux kernel's networking functionality, specifically in the virtio-net driver component. When triggered, it can cause a deadlock condition, potentially affecting system stability and network operations (NVD).

Mitigation and workarounds

The vulnerability has been fixed in certain Linux distributions. According to the Debian security tracker, the fix has been implemented in bullseye, bookworm, and trixie releases, while forky and sid versions remain vulnerable (Debian Tracker).

This report was generated using AI