Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7921: fix potential deadlock in mt7921_roc_abort_sync

roc_abort_sync() can deadlock with roc_work(). roc_work() holds
dev->mt76.mutex, while cancel_work_sync() waits for roc_work()
to finish. If the caller already owns the same mutex, both
sides block and no progress is possible.

This deadlock can occur during station removal when
mt76_sta_state() -> mt76_sta_remove() -> mt7921_mac_sta_remove() ->
mt7921_roc_abort_sync() invokes cancel_work_sync() while
roc_work() is still running and holding dev->mt76.mutex.

This avoids the mutex deadlock and preserves exactly-once
work ownership.
Published: 2026-06-24
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a potential deadlock in the mt7921 Wi‑Fi driver for Linux systems. A race between the mt7921_roc_abort_sync roc_work() handler can cause both to wait on the same mutex, resulting in a stand‑still. This is an example of improper synchronization (CWE‑833) and results only in a denial of wireless connectivity; it does not directly compromise confidentiality or integrity.

Affected Systems

The flaw affects any Linux kernel that contains the mt76 driver family for MediaTek MT7921 Wi‑Fi chips. No specific kernel release numbers are listed, so the commit that introduced the fix is potentially vulnerable.

Risk and Exploitability

The CVSS score is 5.5, the EPSS score is < 1%, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that the deadlock can be triggered by a local attacker with privileged access who initiates station removal while the driver is performing cleanup. Exploitation would cause the driver to block indefinitely, rendering the network interface unusable until a reboot or driver reload.

Generated by OpenCVE AI on June 27, 2026 at 04:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to the latest Linux kernel that includes the commit fixing the deadlock (refer to the provided git commit URLs).
  • If a standard package update is not yet available, apply the patch from commit 35180c772f5e11e2fa4d80d3dfd50906cb6d9646 to your kernel source and rebuild the kernel.
  • After updating or patching, reboot the system or restart the network interface to ensure the driver is re‑initialized without the deadlock.

Generated by OpenCVE AI on June 27, 2026 at 04:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6381-1 linux security update
History

Sat, 04 Jul 2026 12:15:00 +0000


Sat, 27 Jun 2026 03:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-872

Sat, 27 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-833
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Wed, 24 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-872

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix potential deadlock in mt7921_roc_abort_sync roc_abort_sync() can deadlock with roc_work(). roc_work() holds dev->mt76.mutex, while cancel_work_sync() waits for roc_work() to finish. If the caller already owns the same mutex, both sides block and no progress is possible. This deadlock can occur during station removal when mt76_sta_state() -> mt76_sta_remove() -> mt7921_mac_sta_remove() -> mt7921_roc_abort_sync() invokes cancel_work_sync() while roc_work() is still running and holding dev->mt76.mutex. This avoids the mutex deadlock and preserves exactly-once work ownership.
Title wifi: mt76: mt7921: fix potential deadlock in mt7921_roc_abort_sync
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-07-04T11:50:50.214Z

Reserved: 2026-06-09T07:44:35.384Z

Link: CVE-2026-53101

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-53101 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-27T04:30:11Z

Weaknesses