In the Linux kernel, the following vulnerability has been resolved: Revert
“media: v4l2-ctrls: show all owned controls in log_status” This reverts
commit 9801b5b28c6929139d6fceeee8d739cc67bb2739. This patch introduced a
potential deadlock scenario: [Wed May 8 10:02:06 2024] Possible unsafe
locking scenario: [Wed May 8 10:02:06 2024] CPU0 CPU1 [Wed May 8 10:02:06
2024] ---- ---- [Wed May 8 10:02:06 2024]
lock(vivid_ctrls:1620:(hdl_vid_cap)->_lock); [Wed May 8 10:02:06 2024]
lock(vivid_ctrls:1608:(hdl_user_vid)->_lock); [Wed May 8 10:02:06 2024]
lock(vivid_ctrls:1620:(hdl_vid_cap)->_lock); [Wed May 8 10:02:06 2024]
lock(vivid_ctrls:1608:(hdl_user_vid)->_lock); For now just revert.
git.kernel.org/linus/eba63df7eb1f95df6bfb67722a35372b6994928d (6.10-rc1)
git.kernel.org/stable/c/2e0ce54a9c5c7013b1257be044d99cbe7305e9f1
git.kernel.org/stable/c/eba63df7eb1f95df6bfb67722a35372b6994928d
launchpad.net/bugs/cve/CVE-2024-36976
nvd.nist.gov/vuln/detail/CVE-2024-36976
security-tracker.debian.org/tracker/CVE-2024-36976
www.cve.org/CVERecord?id=CVE-2024-36976