CVE-2025-39712

MEDIUM

Linux Kernel - Deadlock in V4L2 Subdev Frame Interval Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval Getting / Setting the frame interval using the V4L2 subdev pad ops get_frame_interval/set_frame_interval causes a deadlock, as the subdev state is locked in the [1] but also in the driver itself. In [2] it's described that the caller is responsible to acquire and release the lock in this case. Therefore, acquiring the lock in the driver is wrong. Remove the lock acquisitions/releases from mt9m114_ifp_get_frame_interval() and mt9m114_ifp_set_frame_interval(). [1] drivers/media/v4l2-core/v4l2-subdev.c - line 1129 [2] Documentation/driver-api/media/v4l2-subdev.rst

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/0d23b548d71e5d76955fdf1d73addd8f6494f602

Patch

https://git.kernel.org/stable/c/41b97490a1656bdc7038d6345a84b08d45deafc6

Patch

https://git.kernel.org/stable/c/298d1471cf83d5a2a05970e41822a2403f451086

Scores

CVSS v3 5.5

EPSS 0.0010

EPSS Percentile 1.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-667

Status published

Products (11)

linux/Kernel 6.13.0 - 6.16.4linux

linux/Kernel 6.7.0 - 6.12.44linux

Linux/Linux < 6.7

Linux/Linux 24d756e914fc3418bad7897b0657aefa9ef848e8 - 0d23b548d71e5d76955fdf1d73addd8f6494f602

Linux/Linux 24d756e914fc3418bad7897b0657aefa9ef848e8 - 298d1471cf83d5a2a05970e41822a2403f451086

Linux/Linux 24d756e914fc3418bad7897b0657aefa9ef848e8 - 41b97490a1656bdc7038d6345a84b08d45deafc6

Linux/Linux 6.12.44 - 6.12.*

Linux/Linux 6.16.4 - 6.16.*

Linux/Linux 6.17

Linux/Linux 6.7

... and 1 more

Published Sep 05, 2025

Tracked Since Feb 18, 2026