Lockdep Assertion Issue in Linux Kernel Affects Mellanox Products
CVE-2025-39832

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-39832?

This vulnerability arises within the Linux kernel, specifically tied to the synchronization reset unload workflow for Mellanox products. During this process, a lock dependency assertion warning is triggered if the devlink lock is held while managing the unload event. To mitigate this issue, developers modified the handling of the sync reset unload event to ensure it is delegated back to the devlink callback process, thus preventing potential double-locking scenarios and eliminating the associated warnings in kernel logs.

Affected Version(s)

Linux 7a9770f1bfeaeddf5afabd3244e2c4c4966be37d

Linux 7a9770f1bfeaeddf5afabd3244e2c4c4966be37d < 0c87dba9ccd3801d3b503f0b4fd41be343af4f06

Linux 7a9770f1bfeaeddf5afabd3244e2c4c4966be37d < 06d897148e79638651800d851a69547b56b4be2e

References

https://git.kernel.org/stable/c/ddac9d0fe2493dd550cbfc75e...

https://git.kernel.org/stable/c/0c87dba9ccd3801d3b503f0b4...

https://git.kernel.org/stable/c/06d897148e79638651800d851...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Apr 16, 2025