CVE-2024-42090

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-42090
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42090.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-42090
Downstream
Related
Published
2024-07-29T16:26:30.139Z
Modified
2026-03-13T07:57:18.712913Z
Summary
pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
Details

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: fix deadlock in createpinctrl() when handling -EPROBEDEFER

In createpinctrl(), pinctrlmapsmutex is acquired before calling addsetting(). If addsetting() returns -EPROBEDEFER, createpinctrl() calls pinctrlfree(). However, pinctrlfree() attempts to acquire pinctrlmapsmutex, which is already held by createpinctrl(), leading to a potential deadlock.

This patch resolves the issue by releasing pinctrlmapsmutex before calling pinctrl_free(), preventing the deadlock.

This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42090.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
42fed7ba44e4e8c1fb27b28ad14490cb1daff3c7
Fixed
e65a0dc2e85efb28e182aca50218e8a056d0ce04
Fixed
420ce1261907e5dbeda1e4daffd5b6c76f8188c0
Fixed
b813e3fd102a959c5b208ed68afe27e0137a561b
Fixed
01fe2f885f7813f8aed5d3704b384a97b1116a9e
Fixed
b36efd2e3e22a329444b6b24fa48df6d20ae66e6
Fixed
4038c57bf61631219b31f1bd6e92106ec7f084dc
Fixed
48a7a7c9571c3e62f17012dd7f2063e926179ddd
Fixed
adec57ff8e66aee632f3dd1f93787c13d112b7a1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42090.json"