{"id":"CVE-2025-40120","summary":"net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock\n\nPrevent USB runtime PM (autosuspend) for AX88772* in bind.\n\nusbnet enables runtime PM (autosuspend) by default, so disabling it via\nthe usb_driver flag is ineffective. On AX88772B, autosuspend shows no\nmeasurable power saving with current driver (no link partner, admin\nup/down). The ~0.453 W -\u003e ~0.248 W drop on v6.1 comes from phylib powering\nthe PHY off on admin-down, not from USB autosuspend.\n\nThe real hazard is that with runtime PM enabled, ndo_open() (under RTNL)\nmay synchronously trigger autoresume (usb_autopm_get_interface()) into\nasix_resume() while the USB PM lock is held. Resume paths then invoke\nphylink/phylib and MDIO, which also expect RTNL, leading to possible\ndeadlocks or PM lock vs MDIO wake issues.\n\nTo avoid this, keep the device runtime-PM active by taking a usage\nreference in ax88772_bind() and dropping it in unbind(). A non-zero PM\nusage count blocks runtime suspend regardless of userspace policy\n(.../power/control - pm_runtime_allow/forbid), making this approach\nrobust against sysfs overrides.\n\nHolding a runtime-PM usage ref does not affect system-wide suspend;\nsystem sleep/resume callbacks continue to run as before.","modified":"2026-04-02T12:48:17.561390Z","published":"2025-11-12T10:23:18.726Z","related":["SUSE-SU-2025:4393-1","SUSE-SU-2025:4422-1","SUSE-SU-2025:4505-1","SUSE-SU-2025:4516-1","SUSE-SU-2025:4517-1","SUSE-SU-2025:4521-1","SUSE-SU-2026:20012-1","SUSE-SU-2026:20015-1","SUSE-SU-2026:20021-1","SUSE-SU-2026:20039-1","SUSE-SU-2026:20059-1","SUSE-SU-2026:20473-1","SUSE-SU-2026:20496-1","openSUSE-SU-2025:20172-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40120.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1534517300e12f2930b6ff477b8820ff658afd11"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3d3c4cd5c62f24bb3cb4511b7a95df707635e00a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3e96cd27ff1a004d84908c1b6cc68ac60913874e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/71a0ba7fdaf8d035426912a4ed7bf1738a81010c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/724a9db84188f80ef60b1f21cc7b4e9c84e0cb64"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9d8bcaf6fae1bd82bc27ec09a2694497e6f6c4b4"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40120.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40120"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4a2c7217cd5a87e85ceb761e307b030fe6db4805"},{"fixed":"71a0ba7fdaf8d035426912a4ed7bf1738a81010c"},{"fixed":"3e96cd27ff1a004d84908c1b6cc68ac60913874e"},{"fixed":"724a9db84188f80ef60b1f21cc7b4e9c84e0cb64"},{"fixed":"1534517300e12f2930b6ff477b8820ff658afd11"},{"fixed":"9d8bcaf6fae1bd82bc27ec09a2694497e6f6c4b4"},{"fixed":"3d3c4cd5c62f24bb3cb4511b7a95df707635e00a"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40120.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.14.0"},{"fixed":"5.15.195"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.156"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.112"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.53"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.17.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40120.json"}}],"schema_version":"1.7.5"}