CVE-2024-26934

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> USB: core: Fix deadlock in usb_deauthorize_interface()<br /> <br /> Among the attribute file callback routines in<br /> drivers/usb/core/sysfs.c, the interface_authorized_store() function is<br /> the only one which acquires a device lock on an ancestor device: It<br /> calls usb_deauthorize_interface(), which locks the interface&amp;#39;s parent<br /> USB device.<br /> <br /> The will lead to deadlock if another process already owns that lock<br /> and tries to remove the interface, whether through a configuration<br /> change or because the device has been disconnected. As part of the<br /> removal procedure, device_del() waits for all ongoing sysfs attribute<br /> callbacks to complete. But usb_deauthorize_interface() can&amp;#39;t complete<br /> until the device lock has been released, and the lock won&amp;#39;t be<br /> released until the removal has finished.<br /> <br /> The mechanism provided by sysfs to prevent this kind of deadlock is<br /> to use the sysfs_break_active_protection() function, which tells sysfs<br /> not to wait for the attribute callback.<br /> <br /> Reported-and-tested by: Yue Sun <br /> Reported by: xingwei lee