CVE-2025-40120
CVE-2025-40120 is a security vulnerability that is still awaiting full analysis and scoring. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- EPSS exploit prediction: 0% (8th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2025-124963
- Published:
- Last modified:
Description
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM (autosuspend) for AX88772* in bind. usbnet enables runtime PM (autosuspend) by default, so disabling it via the usb_driver flag is ineffective. On AX88772B, autosuspend shows no measurable power saving with current driver (no link partner, admin up/down). The ~0.453 W -> ~0.248 W drop on v6.1 comes from phylib powering the PHY off on admin-down, not from USB autosuspend. The real hazard is that with runtime PM enabled, ndo_open() (under RTNL) may synchronously trigger autoresume (usb_autopm_get_interface()) into asix_resume() while the USB PM lock is held. Resume paths then invoke phylink/phylib and MDIO, which also expect RTNL, leading to possible deadlocks or PM lock vs MDIO wake issues. To avoid this, keep the device runtime-PM active by taking a usage reference in ax88772_bind() and dropping it in unbind(). A non-zero PM usage count blocks runtime suspend regardless of userspace policy (.../power/control - pm_runtime_allow/forbid), making this approach robust against sysfs overrides. Holding a runtime-PM usage ref does not affect system-wide suspend; system sleep/resume callbacks continue to run as before.
Frequently asked questions
- What is CVE-2025-40120?
- In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM (autosuspend) for AX88772* in bind. usbnet enables runtime PM (autosuspend) by default, so disabling it via the usb_driver flag is ineffective. On AX88772B, autosuspend shows no measurable power saving with current driver (no link partner, admin up/down). The ~0.453 W -> ~0.248 W drop on v6.1 comes from phylib powering the PHY off on admin-down, not from USB autosuspend. The real hazard is that with runtime PM enabled, ndo_open() (under RTNL) may synchronously trigger autoresume (usb_autopm_get_interface()) into asix_resume() while the USB PM lock is held. Resume paths then invoke phylink/phylib and MDIO, which also expect RTNL, leading to possible deadlocks or PM lock vs MDIO wake issues. To avoid this, keep the device runtime-PM active by taking a usage reference in ax88772_bind() and dropping it in unbind(). A non-zero PM usage count blocks runtime suspend regardless of userspace policy (.../power/control - pm_runtime_allow/forbid), making this approach robust against sysfs overrides. Holding a runtime-PM usage ref does not affect system-wide suspend; system sleep/resume callbacks continue to run as before.
- Is CVE-2025-40120 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (8th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2025-40120?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2025-40120 have an EU (EUVD) identifier?
- Yes. CVE-2025-40120 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-124963.
- When was CVE-2025-40120 published?
- CVE-2025-40120 was published on 2025-11-12 and last updated on 2026-06-17.
References
- https://git.kernel.org/stable/c/1534517300e12f2930b6ff477b8820ff658afd11
- https://git.kernel.org/stable/c/3d3c4cd5c62f24bb3cb4511b7a95df707635e00a
- https://git.kernel.org/stable/c/3e96cd27ff1a004d84908c1b6cc68ac60913874e
- https://git.kernel.org/stable/c/71a0ba7fdaf8d035426912a4ed7bf1738a81010c
- https://git.kernel.org/stable/c/724a9db84188f80ef60b1f21cc7b4e9c84e0cb64
- https://git.kernel.org/stable/c/9d8bcaf6fae1bd82bc27ec09a2694497e6f6c4b4