SUSE: CVE-2025-38114: SUSE Linux Security Advisory

In the Linux kernel, the following vulnerability has been resolved:

e1000: Move cancel_work_sync to avoid deadlock

Previously, e1000_down called cancel_work_sync for the e1000 reset task
(via e1000_down_and_stop), which takes RTNL.

As reported by users and syzbot, a deadlock is possible in the following
scenario:

CPU 0:
- RTNL is held
- e1000_close
- e1000_down
- cancel_work_sync (cancel / wait for e1000_reset_task())

CPU 1:
- process_one_work
- e1000_reset_task
- take RTNL

To remedy this, avoid calling cancel_work_sync from e1000_down
(e1000_reset_task does nothing if the device is down anyway). Instead,
call cancel_work_sync for e1000_reset_task when the device is being
removed.