CVE-2024-36976

MEDIUM

Linux Kernel 6.9-6.9.1 - Deadlock via v4l2-ctrls log_status Locking

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: Revert "media: v4l2-ctrls: show all owned controls in log_status" This reverts commit 9801b5b28c6929139d6fceeee8d739cc67bb2739. This patch introduced a potential deadlock scenario: [Wed May 8 10:02:06 2024] Possible unsafe locking scenario: [Wed May 8 10:02:06 2024] CPU0 CPU1 [Wed May 8 10:02:06 2024] ---- ---- [Wed May 8 10:02:06 2024] lock(vivid_ctrls:1620:(hdl_vid_cap)->_lock); [Wed May 8 10:02:06 2024] lock(vivid_ctrls:1608:(hdl_user_vid)->_lock); [Wed May 8 10:02:06 2024] lock(vivid_ctrls:1620:(hdl_vid_cap)->_lock); [Wed May 8 10:02:06 2024] lock(vivid_ctrls:1608:(hdl_user_vid)->_lock); For now just revert.

References (2)

Core 2

Scores

CVSS v3 5.5
EPSS 0.0014
EPSS Percentile 3.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-667
Status published
Products (8)
linux/Kernel 6.9.0 - 6.9.2linux
Linux/Linux < 6.9
Linux/Linux 6.10
Linux/Linux 6.9
Linux/Linux 6.9.2 - 6.9.*
Linux/Linux 9801b5b28c6929139d6fceeee8d739cc67bb2739 - 2e0ce54a9c5c7013b1257be044d99cbe7305e9f1
Linux/Linux 9801b5b28c6929139d6fceeee8d739cc67bb2739 - eba63df7eb1f95df6bfb67722a35372b6994928d
linux/linux_kernel 6.9 - 6.9.2
Published Jun 18, 2024
Tracked Since Feb 18, 2026