CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> can: j1939: prevent deadlock by moving j1939_sk_errqueue()<br /> <br /> This commit addresses a deadlock situation that can occur in certain<br /> scenarios, such as when running data TP/ETP transfer and subscribing to<br /> the error queue while receiving a net down event. The deadlock involves<br /> locks in the following order:<br /> <br /> 3<br /> j1939_session_list_lock -&gt; active_session_list_lock<br /> j1939_session_activate<br /> ...<br /> j1939_sk_queue_activate_next -&gt; sk_session_queue_lock<br /> ...<br /> j1939_xtp_rx_eoma_one<br /> <br /> 2<br /> j1939_sk_queue_drop_all -&gt; sk_session_queue_lock<br /> ...<br /> j1939_sk_netdev_event_netdown -&gt; j1939_socks_lock<br /> j1939_netdev_notify<br /> <br /> 1<br /> j1939_sk_errqueue -&gt; j1939_socks_lock<br /> __j1939_session_cancel -&gt; active_session_list_lock<br /> j1939_tp_rxtimer<br /> <br /> CPU0 CPU1<br /> ---- ----<br /> lock(&amp;priv-&gt;active_session_list_lock);<br /> lock(&amp;jsk-&gt;sk_session_queue_lock);<br /> lock(&amp;priv-&gt;active_session_list_lock);<br /> lock(&amp;priv-&gt;j1939_socks_lock);<br /> <br /> The solution implemented in this commit is to move the<br /> j1939_sk_errqueue() call out of the active_session_list_lock context,<br /> thus preventing the deadlock situation.