CVE-2026-43319

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> spi: spidev: fix lock inversion between spi_lock and buf_lock<br /> <br /> The spidev driver previously used two mutexes, spi_lock and buf_lock,<br /> but acquired them in different orders depending on the code path:<br /> <br /> write()/read(): buf_lock -&gt; spi_lock<br /> ioctl(): spi_lock -&gt; buf_lock<br /> <br /> This AB-BA locking pattern triggers lockdep warnings and can<br /> cause real deadlocks:<br /> <br /> WARNING: possible circular locking dependency detected<br /> spidev_ioctl() -&gt; mutex_lock(&amp;spidev-&gt;buf_lock)<br /> spidev_sync_write() -&gt; mutex_lock(&amp;spidev-&gt;spi_lock)<br /> *** DEADLOCK ***<br /> <br /> The issue is reproducible with a simple userspace program that<br /> performs write() and SPI_IOC_WR_MAX_SPEED_HZ ioctl() calls from<br /> separate threads on the same spidev file descriptor.<br /> <br /> Fix this by simplifying the locking model and removing the lock<br /> inversion entirely. spidev_sync() no longer performs any locking,<br /> and all callers serialize access using spi_lock.<br /> <br /> buf_lock is removed since its functionality is fully covered by<br /> spi_lock, eliminating the possibility of lock ordering issues.<br /> <br /> This removes the lock inversion and prevents deadlocks without<br /> changing userspace ABI or behaviour.