Bugzilla – Bug 1226511
VUL-0: CVE-2024-36976: kernel: Revert "media: v4l2-ctrls: show all owned controls in log_status"
Last modified: 2024-07-03 13:32:56 UTC
In the Linux kernel, the following vulnerability has been resolved: Revert "media: v4l2-ctrls: show all owned controls in log_status" This reverts commit 9801b5b28c6929139d6fceeee8d739cc67bb2739. This patch introduced a potential deadlock scenario: [Wed May 8 10:02:06 2024] Possible unsafe locking scenario: [Wed May 8 10:02:06 2024] CPU0 CPU1 [Wed May 8 10:02:06 2024] ---- ---- [Wed May 8 10:02:06 2024] lock(vivid_ctrls:1620:(hdl_vid_cap)->_lock); [Wed May 8 10:02:06 2024] lock(vivid_ctrls:1608:(hdl_user_vid)->_lock); [Wed May 8 10:02:06 2024] lock(vivid_ctrls:1620:(hdl_vid_cap)->_lock); [Wed May 8 10:02:06 2024] lock(vivid_ctrls:1608:(hdl_user_vid)->_lock); For now just revert. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-36976 https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-36976.mbox https://git.kernel.org/stable/c/2e0ce54a9c5c7013b1257be044d99cbe7305e9f1 https://git.kernel.org/stable/c/eba63df7eb1f95df6bfb67722a35372b6994928d https://www.cve.org/CVERecord?id=CVE-2024-36976 https://bugzilla.redhat.com/show_bug.cgi?id=2293005
All done, closing.