{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-43098", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-01-09T09:51:32.424Z", "datePublished": "2025-01-11T12:25:10.587Z", "dateUpdated": "2025-01-15T12:24:35.946Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-01-15T12:24:35.946Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock\n\nA deadlock may happen since the i3c_master_register() acquires\n&i3cbus->lock twice. See the log below.\nUse i3cdev->desc->info instead of calling i3c_device_info() to\navoid acquiring the lock twice.\n\nv2:\n - Modified the title and commit message\n\n============================================\nWARNING: possible recursive locking detected\n6.11.0-mainline\n--------------------------------------------\ninit/1 is trying to acquire lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_bus_normaluse_lock\n\nbut task is already holding lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&i3cbus->lock);\n lock(&i3cbus->lock);\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n2 locks held by init/1:\n #0: fcffff809b6798f8 (&dev->mutex){....}-{3:3}, at: __driver_attach\n #1: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\n\nstack backtrace:\nCPU: 6 UID: 0 PID: 1 Comm: init\nCall trace:\n dump_backtrace+0xfc/0x17c\n show_stack+0x18/0x28\n dump_stack_lvl+0x40/0xc0\n dump_stack+0x18/0x24\n print_deadlock_bug+0x388/0x390\n __lock_acquire+0x18bc/0x32ec\n lock_acquire+0x134/0x2b0\n down_read+0x50/0x19c\n i3c_bus_normaluse_lock+0x14/0x24\n i3c_device_get_info+0x24/0x58\n i3c_device_uevent+0x34/0xa4\n dev_uevent+0x310/0x384\n kobject_uevent_env+0x244/0x414\n kobject_uevent+0x14/0x20\n device_add+0x278/0x460\n device_register+0x20/0x34\n i3c_master_register_new_i3c_devs+0x78/0x154\n i3c_master_register+0x6a0/0x6d4\n mtk_i3c_master_probe+0x3b8/0x4d8\n platform_probe+0xa0/0xe0\n really_probe+0x114/0x454\n __driver_probe_device+0xa0/0x15c\n driver_probe_device+0x3c/0x1ac\n __driver_attach+0xc4/0x1f0\n bus_for_each_dev+0x104/0x160\n driver_attach+0x24/0x34\n bus_add_driver+0x14c/0x294\n driver_register+0x68/0x104\n __platform_driver_register+0x20/0x30\n init_module+0x20/0xfe4\n do_one_initcall+0x184/0x464\n do_init_module+0x58/0x1ec\n load_module+0xefc/0x10c8\n __arm64_sys_finit_module+0x238/0x33c\n invoke_syscall+0x58/0x10c\n el0_svc_common+0xa8/0xdc\n do_el0_svc+0x1c/0x28\n el0_svc+0x50/0xac\n el0t_64_sync_handler+0x70/0xbc\n el0t_64_sync+0x1a8/0x1ac"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i3c/master.c"], "versions": [{"version": "3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0", "lessThan": "9a2173660ee53d5699744f02e6ab7bf89fcd0b1a", "status": "affected", "versionType": "git"}, {"version": "3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0", "lessThan": "5ac1dd51aaa0ce8b5421d1137e857955a4b6f55e", "status": "affected", "versionType": "git"}, {"version": "3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0", "lessThan": "2d98fa2a50b8058de52ada168fa5dbabb574711b", "status": "affected", "versionType": "git"}, {"version": "3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0", "lessThan": "816187b1833908941286e71b0041059a4acd52ed", "status": "affected", "versionType": "git"}, {"version": "3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0", "lessThan": "ffe19e363c6f8b992ba835a361542568dea17409", "status": "affected", "versionType": "git"}, {"version": "3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0", "lessThan": "1f51ae217d09c361ede900b94735a6d2df6c0344", "status": "affected", "versionType": "git"}, {"version": "3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0", "lessThan": "6cf7b65f7029914dc0cd7db86fac9ee5159008c6", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i3c/master.c"], "versions": [{"version": "5.0", "status": "affected"}, {"version": "0", "lessThan": "5.0", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.287", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.231", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.174", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.120", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.66", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.5", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/9a2173660ee53d5699744f02e6ab7bf89fcd0b1a"}, {"url": "https://git.kernel.org/stable/c/5ac1dd51aaa0ce8b5421d1137e857955a4b6f55e"}, {"url": "https://git.kernel.org/stable/c/2d98fa2a50b8058de52ada168fa5dbabb574711b"}, {"url": "https://git.kernel.org/stable/c/816187b1833908941286e71b0041059a4acd52ed"}, {"url": "https://git.kernel.org/stable/c/ffe19e363c6f8b992ba835a361542568dea17409"}, {"url": "https://git.kernel.org/stable/c/1f51ae217d09c361ede900b94735a6d2df6c0344"}, {"url": "https://git.kernel.org/stable/c/6cf7b65f7029914dc0cd7db86fac9ee5159008c6"}], "title": "i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock\n\nA deadlock may happen since the i3c_master_register() acquires\n&i3cbus->lock twice. See the log below.\nUse i3cdev->desc->info instead of calling i3c_device_info() to\navoid acquiring the lock twice.\n\nv2:\n - Modified the title and commit message\n\n============================================\nWARNING: possible recursive locking detected\n6.11.0-mainline\n--------------------------------------------\ninit/1 is trying to acquire lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_bus_normaluse_lock\n\nbut task is already holding lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&i3cbus->lock);\n lock(&i3cbus->lock);\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n2 locks held by init/1:\n #0: fcffff809b6798f8 (&dev->mutex){....}-{3:3}, at: __driver_attach\n #1: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\n\nstack backtrace:\nCPU: 6 UID: 0 PID: 1 Comm: init\nCall trace:\n dump_backtrace+0xfc/0x17c\n show_stack+0x18/0x28\n dump_stack_lvl+0x40/0xc0\n dump_stack+0x18/0x24\n print_deadlock_bug+0x388/0x390\n __lock_acquire+0x18bc/0x32ec\n lock_acquire+0x134/0x2b0\n down_read+0x50/0x19c\n i3c_bus_normaluse_lock+0x14/0x24\n i3c_device_get_info+0x24/0x58\n i3c_device_uevent+0x34/0xa4\n dev_uevent+0x310/0x384\n kobject_uevent_env+0x244/0x414\n kobject_uevent+0x14/0x20\n device_add+0x278/0x460\n device_register+0x20/0x34\n i3c_master_register_new_i3c_devs+0x78/0x154\n i3c_master_register+0x6a0/0x6d4\n mtk_i3c_master_probe+0x3b8/0x4d8\n platform_probe+0xa0/0xe0\n really_probe+0x114/0x454\n __driver_probe_device+0xa0/0x15c\n driver_probe_device+0x3c/0x1ac\n __driver_attach+0xc4/0x1f0\n bus_for_each_dev+0x104/0x160\n driver_attach+0x24/0x34\n bus_add_driver+0x14c/0x294\n driver_register+0x68/0x104\n __platform_driver_register+0x20/0x30\n init_module+0x20/0xfe4\n do_one_initcall+0x184/0x464\n do_init_module+0x58/0x1ec\n load_module+0xefc/0x10c8\n __arm64_sys_finit_module+0x238/0x33c\n invoke_syscall+0x58/0x10c\n el0_svc_common+0xa8/0xdc\n do_el0_svc+0x1c/0x28\n el0_svc+0x50/0xac\n el0t_64_sync_handler+0x70/0xbc\n el0t_64_sync+0x1a8/0x1ac"}], "id": "CVE-2024-43098", "lastModified": "2025-01-11T13:15:21.240", "metrics": {}, "published": "2025-01-11T13:15:21.240", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1f51ae217d09c361ede900b94735a6d2df6c0344"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2d98fa2a50b8058de52ada168fa5dbabb574711b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5ac1dd51aaa0ce8b5421d1137e857955a4b6f55e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6cf7b65f7029914dc0cd7db86fac9ee5159008c6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/816187b1833908941286e71b0041059a4acd52ed"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9a2173660ee53d5699744f02e6ab7bf89fcd0b1a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ffe19e363c6f8b992ba835a361542568dea17409"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock", "id": "2337341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337341"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ni3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock\nA deadlock may happen since the i3c_master_register() acquires\n&i3cbus->lock twice. See the log below.\nUse i3cdev->desc->info instead of calling i3c_device_info() to\navoid acquiring the lock twice.\nv2:\n- Modified the title and commit message\n============================================\nWARNING: possible recursive locking detected\n6.11.0-mainline\n--------------------------------------------\ninit/1 is trying to acquire lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_bus_normaluse_lock\nbut task is already holding lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\nother info that might help us debug this:\nPossible unsafe locking scenario:\nCPU0\n----\nlock(&i3cbus->lock);\nlock(&i3cbus->lock);\n*** DEADLOCK ***\nMay be due to missing lock nesting notation\n2 locks held by init/1:\n#0: fcffff809b6798f8 (&dev->mutex){....}-{3:3}, at: __driver_attach\n#1: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\nstack backtrace:\nCPU: 6 UID: 0 PID: 1 Comm: init\nCall trace:\ndump_backtrace+0xfc/0x17c\nshow_stack+0x18/0x28\ndump_stack_lvl+0x40/0xc0\ndump_stack+0x18/0x24\nprint_deadlock_bug+0x388/0x390\n__lock_acquire+0x18bc/0x32ec\nlock_acquire+0x134/0x2b0\ndown_read+0x50/0x19c\ni3c_bus_normaluse_lock+0x14/0x24\ni3c_device_get_info+0x24/0x58\ni3c_device_uevent+0x34/0xa4\ndev_uevent+0x310/0x384\nkobject_uevent_env+0x244/0x414\nkobject_uevent+0x14/0x20\ndevice_add+0x278/0x460\ndevice_register+0x20/0x34\ni3c_master_register_new_i3c_devs+0x78/0x154\ni3c_master_register+0x6a0/0x6d4\nmtk_i3c_master_probe+0x3b8/0x4d8\nplatform_probe+0xa0/0xe0\nreally_probe+0x114/0x454\n__driver_probe_device+0xa0/0x15c\ndriver_probe_device+0x3c/0x1ac\n__driver_attach+0xc4/0x1f0\nbus_for_each_dev+0x104/0x160\ndriver_attach+0x24/0x34\nbus_add_driver+0x14c/0x294\ndriver_register+0x68/0x104\n__platform_driver_register+0x20/0x30\ninit_module+0x20/0xfe4\ndo_one_initcall+0x184/0x464\ndo_init_module+0x58/0x1ec\nload_module+0xefc/0x10c8\n__arm64_sys_finit_module+0x238/0x33c\ninvoke_syscall+0x58/0x10c\nel0_svc_common+0xa8/0xdc\ndo_el0_svc+0x1c/0x28\nel0_svc+0x50/0xac\nel0t_64_sync_handler+0x70/0xbc\nel0t_64_sync+0x1a8/0x1ac"], "name": "CVE-2024-43098", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-43098\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-43098\nhttps://lore.kernel.org/linux-cve-announce/2025011118-CVE-2024-43098-e732@gregkh/T"], "threat_severity": "Low"}