CVE-2024-43098

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-43098
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43098.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-43098
Downstream
Related
Published
2025-01-11T12:25:10.587Z
Modified
2026-05-28T03:54:25.185454501Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock
Details

In the Linux kernel, the following vulnerability has been resolved:

i3c: Use i3cdev->desc->info instead of calling i3cdeviceget_info() to avoid deadlock

A deadlock may happen since the i3cmasterregister() acquires &i3cbus->lock twice. See the log below. Use i3cdev->desc->info instead of calling i3cdeviceinfo() to avoid acquiring the lock twice.

v2: - Modified the title and commit message

============================================ WARNING: possible recursive locking detected

6.11.0-mainline

init/1 is trying to acquire lock: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3cbusnormaluse_lock

but task is already holding lock: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3cmasterregister

other info that might help us debug this: Possible unsafe locking scenario:

   CPU0
   ----

lock(&i3cbus->lock); lock(&i3cbus->lock);

*** DEADLOCK ***

May be due to missing lock nesting notation

2 locks held by init/1: #0: fcffff809b6798f8 (&dev->mutex){....}-{3:3}, at: _driverattach #1: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3cmasterregister

stack backtrace: CPU: 6 UID: 0 PID: 1 Comm: init Call trace: dumpbacktrace+0xfc/0x17c showstack+0x18/0x28 dumpstacklvl+0x40/0xc0 dumpstack+0x18/0x24 printdeadlock_bug+0x388/0x390 __lockacquire+0x18bc/0x32ec lockacquire+0x134/0x2b0 downread+0x50/0x19c i3cbusnormaluselock+0x14/0x24 i3cdevicegetinfo+0x24/0x58 i3cdeviceuevent+0x34/0xa4 devuevent+0x310/0x384 kobjectueventenv+0x244/0x414 kobjectuevent+0x14/0x20 deviceadd+0x278/0x460 deviceregister+0x20/0x34 i3cmasterregisternewi3cdevs+0x78/0x154 i3cmasterregister+0x6a0/0x6d4 mtki3cmasterprobe+0x3b8/0x4d8 platformprobe+0xa0/0xe0 really_probe+0x114/0x454 __driverprobedevice+0xa0/0x15c driverprobedevice+0x3c/0x1ac __driverattach+0xc4/0x1f0 busforeachdev+0x104/0x160 driverattach+0x24/0x34 busadddriver+0x14c/0x294 driverregister+0x68/0x104 __platformdriverregister+0x20/0x30 initmodule+0x20/0xfe4 dooneinitcall+0x184/0x464 doinitmodule+0x58/0x1ec loadmodule+0xefc/0x10c8 __arm64sysfinitmodule+0x238/0x33c invokesyscall+0x58/0x10c el0svccommon+0xa8/0xdc doel0svc+0x1c/0x28 el0svc+0x50/0xac el0t64synchandler+0x70/0xbc el0t64sync+0x1a8/0x1ac

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43098.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0
Fixed
9a2173660ee53d5699744f02e6ab7bf89fcd0b1a
Fixed
5ac1dd51aaa0ce8b5421d1137e857955a4b6f55e
Fixed
2d98fa2a50b8058de52ada168fa5dbabb574711b
Fixed
816187b1833908941286e71b0041059a4acd52ed
Fixed
ffe19e363c6f8b992ba835a361542568dea17409
Fixed
1f51ae217d09c361ede900b94735a6d2df6c0344
Fixed
6cf7b65f7029914dc0cd7db86fac9ee5159008c6

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43098.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.0.0
Fixed
5.4.287
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.231
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.174
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.120
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.66
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43098.json"