CVE-2025-38404
MEDIUMLinux Kernel - Deadlock via Recursive Mutex Acquisition in cros_typec_altmode_exit
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of `cros_typec_altmode_data::mutex`. The call chain is as follows: 1. cros_typec_altmode_work() acquires the mutex 2. typec_altmode_vdm() -> dp_altmode_vdm() -> 3. typec_altmode_exit() -> cros_typec_altmode_exit() 4. cros_typec_altmode_exit() attempts to acquire the mutex again To prevent this, defer the `typec_altmode_exit()` call by scheduling it rather than calling it directly from within the mutex-protected context.
References (10)
Core 10
Core References
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Scores
CVSS v3
5.5
EPSS
0.0012
EPSS Percentile
2.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-667
Status
published
Products (22)
debian/debian_linux
11.0
linux/Kernel
6.1.143 - 6.1.144linux
linux/Kernel
6.12.36 - 6.12.37linux
linux/Kernel
6.15.5 - 6.15.6linux
linux/Kernel
6.6.96 - 6.6.97linux
Linux/Linux
10cc2cfd3e5d0e0ec7590c4bee8bcea10e5492c4 - c782f98eef14197affa8a7b91e6981420f109ea9
Linux/Linux
56846793f105cf2b39ecbde4f3ae86342091f6fc - 7be0d1ea71f52595499da39cea484a895e8ed042
Linux/Linux
6.1.143 - 6.1.144
Linux/Linux
6.12.36 - 6.12.37
Linux/Linux
6.15.5 - 6.15.6
... and 12 more
Published
Jul 25, 2025
Tracked Since
Feb 18, 2026