| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025072521-CVE-2025-38404-f719@gregkh> Date: Fri, 25 Jul 2025 15:09:22 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38404: usb: typec: displayport: Fix potential deadlock From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of `cros_typec_altmode_data::mutex`. The call chain is as follows: 1. cros_typec_altmode_work() acquires the mutex 2. typec_altmode_vdm() -> dp_altmode_vdm() -> 3. typec_altmode_exit() -> cros_typec_altmode_exit() 4. cros_typec_altmode_exit() attempts to acquire the mutex again To prevent this, defer the `typec_altmode_exit()` call by scheduling it rather than calling it directly from within the mutex-protected context. The Linux kernel CVE team has assigned CVE-2025-38404 to this issue. Affected and fixed versions =========================== Issue introduced in 6.1.143 with commit 8e8a69b1f8c59f0505f8a1c0fb77191f27b75011 and fixed in 6.1.144 with commit 76cf1f33e7319fe74c94ac92f9814094ee8cc84b Issue introduced in 6.6.96 with commit 8851e40587013db00b71d4aeaae30f5fd59b0eec and fixed in 6.6.97 with commit 63cff9f57e86b2dc25d7487ca0118df89a665296 Issue introduced in 6.12.36 with commit 10cc2cfd3e5d0e0ec7590c4bee8bcea10e5492c4 and fixed in 6.12.37 with commit c782f98eef14197affa8a7b91e6981420f109ea9 Issue introduced in 6.15.5 with commit 8f6a4fa7b663468bb304cb885b93326e025ae005 and fixed in 6.15.6 with commit 80c25d7916a44715338d4f8924c8e52af50d0b9f Issue introduced in 6.16-rc1 with commit b4b38ffb38c91afd4dc387608db26f6fc34ed40b and fixed in 6.16-rc5 with commit 099cf1fbb8afc3771f408109f62bdec66f85160e Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38404 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/usb/typec/altmodes/displayport.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/749d9076735fb497aae60fbea9fff563f9ea3254 https://git.kernel.org/stable/c/eb08fca56f1f39e4038cb9bac9864464b13b00aa https://git.kernel.org/stable/c/7be0d1ea71f52595499da39cea484a895e8ed042 https://git.kernel.org/stable/c/76cf1f33e7319fe74c94ac92f9814094ee8cc84b https://git.kernel.org/stable/c/63cff9f57e86b2dc25d7487ca0118df89a665296 https://git.kernel.org/stable/c/c782f98eef14197affa8a7b91e6981420f109ea9 https://git.kernel.org/stable/c/80c25d7916a44715338d4f8924c8e52af50d0b9f https://git.kernel.org/stable/c/099cf1fbb8afc3771f408109f62bdec66f85160e
Powered by blists - more mailing lists