In the Linux kernel, the following vulnerability has been resolved: spi:
Fix deadlock when adding SPI controllers on SPI buses Currently we have a
global spi_add_lock which we take when adding new devices so that we can
check that we’re not trying to reuse a chip select that’s already
controlled. This means that if the SPI device is itself a SPI controller
and triggers the instantiation of further SPI devices we trigger a deadlock
as we try to register and instantiate those devices while in the process of
doing so for the parent controller and hence already holding the global
spi_add_lock. Since we only care about concurrency within a single SPI bus
move the lock to be per controller, avoiding the deadlock. This can be
easily triggered in the case of spi-mux.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-bluefield | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-gkeop | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-ibm | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-iot | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-kvm | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-oracle | < any | UNKNOWN |
git.kernel.org/linus/6098475d4cb48d821bdf453c61118c56e26294f0 (5.15-rc6)
git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0
git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd
launchpad.net/bugs/cve/CVE-2021-47469
nvd.nist.gov/vuln/detail/CVE-2021-47469
security-tracker.debian.org/tracker/CVE-2021-47469
www.cve.org/CVERecord?id=CVE-2021-47469