{“lastseen”:””,”description”:”In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: ks8851: Reinstate disabling of BHs around IRQ handler\\n\\nIf the driver executes ks8851_irq() AND a TX packet has been sent, then\\nthe driver enables TX queue via netif_wake_queue() which schedules TX\\nsoftirq to queue packets for this device.\\n\\nIf CONFIG_PREEMPT_RT=y is set AND a packet has also been received by\\nthe MAC, then ks8851_rx_pkts() calls netdev_alloc_skb_ip_align() to\\nallocate SKBs for the received packets. If netdev_alloc_skb_ip_align()\\nis called with BH enabled, then local_bh_enable() at the end of\\nnetdev_alloc_skb_ip_align() will trigger the pending softirq processing,\\nwhich may ultimately call the .xmit callback ks8851_start_xmit_par().\\nThe ks8851_start_xmit_par() will try to lock struct ks8851_net_par\\n.lock spinlock, which is already locked by ks8851_irq() from which\\nks8851_start_xmit_par() was called. This leads to a deadlock, which\\nis reported by the kernel, including a trace listed below.\\n\\nIf CONFIG_PREEMPT_RT is not set, then since commit 0913ec336a6c0\\n(\\”net: ks8851: Fix deadlock with the SPI chip variant\\”) the deadlock\\ncan also be triggered without received packet in the RX FIFO. The\\npending softirqs will be processed on return from\\nspin_unlock_bh(\\u0026ks-\\u003estatelock) in ks8851_irq(), which triggers the\\ndeadlock as well.\\n\\nFix the problem by disabling BH around critical sections, including the\\nIRQ handler, thus preventing the net_tx_action() softirq from triggering\\nduring these critical sections. The net_tx_action() softirq is triggered\\nonce BH are re-enabled and at the end of the IRQ handler, once all the\\nother IRQ handler actions have been completed.\\n\\n __schedule from schedule_rtlock+0x1c\/0x34\\n schedule_rtlock from rtlock_slowlock_locked+0x548\/0x904\\n rtlock_slowlock_locked from rt_spin_lock+0x60\/0x9c\\n rt_spin_lock from ks8851_start_xmit_par+0x74\/0x1a8\\n ks8851_start_xmit_par from netdev_start_xmit+0x20\/0x44\\n netdev_start_xmit from dev_hard_start_xmit+0xd0\/0x188\\n dev_hard_start_xmit from sch_direct_xmit+0xb8\/0x25c\\n sch_direct_xmit from __qdisc_run+0x1f8\/0x4ec\\n __qdisc_run from qdisc_run+0x1c\/0x28\\n qdisc_run from net_tx_action+0x1f0\/0x268\\n net_tx_action from handle_softirqs+0x1a4\/0x270\\n handle_softirqs from __local_bh_enable_ip+0xcc\/0xe0\\n __local_bh_enable_ip from __alloc_skb+0xd8\/0x128\\n __alloc_skb from __netdev_alloc_skb+0x3c\/0x19c\\n __netdev_alloc_skb from ks8851_irq+0x388\/0x4d4\\n ks8851_irq from irq_thread_fn+0x24\/0x64\\n irq_thread_fn from irq_thread+0x178\/0x28c\\n irq_thread from kthread+0x12c\/0x138\\n kthread from ret_from_fork+0x14\/0x28″,”published”:”2026-05-27T12:56:40.357Z”,”modified”:”2026-05-30T10:46:48.314Z”,”type”:”cve”,”title”:”net: ks8851: Reinstate disabling of BHs around IRQ handler”,”source”:”Linux”,”references”:”https:\/\/git.kernel.org\/stable\/c\/640a7631d31db87d5fa1b34cea44a99b6e78854b\\nhttps:\/\/git.kernel.org\/stable\/c\/518040324067d8efaa2da1992297b7e7bf5640f4\\nhttps:\/\/git.kernel.org\/stable\/c\/be8aad558b4675f45b43080f81a9ffdeddea73a5\\nhttps:\/\/git.kernel.org\/stable\/c\/21f1707a8e978558dcb11b053855521e32ac0eec\\nhttps:\/\/git.kernel.org\/stable\/c\/5c9fcac3c872224316714d0d8914d9af16c76a6d”,”id”:”CVE-2026-46031″,”bulletinFamily”:””,”cwe”:null,”cvelist”:null,”sourceData”:”Linux Linux ae87f661f3c1a3134a7ed86ab69bf9f12af88993\\nLinux Linux e0863634bf9f7cf36291ebb5bfa2d16632f79c49\\nLinux Linux e0863634bf9f7cf36291ebb5bfa2d16632f79c49\\nLinux Linux e0863634bf9f7cf36291ebb5bfa2d16632f79c49\\nLinux Linux e0863634bf9f7cf36291ebb5bfa2d16632f79c49\\nLinux Linux 8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545\\nLinux Linux 7e2901a2a9195da76111f351584bf77552a038f0\\nLinux Linux 6.6.31\\nLinux Linux 6.1.91\\nLinux Linux 6.8.10\\nLinux Linux 6.9″,”sourceHref”:””,”cvss”:{“score”:7.5,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Linux”,”version”:”ae87f661f3c1a3134a7ed86ab69bf9f12af88993″,”vendor”:”Linux”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: ks8851: Reinstate disabling of BHs around IRQ handler\\n\\nIf the driver executes ks8851_irq() AND a TX…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,16,12,15,13,7,11,5],"class_list":["post-58572","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-75","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n