CVE-2023-54152
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
24/12/2025
Última modificación:
24/12/2025
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
can: j1939: prevent deadlock by moving j1939_sk_errqueue()<br />
<br />
This commit addresses a deadlock situation that can occur in certain<br />
scenarios, such as when running data TP/ETP transfer and subscribing to<br />
the error queue while receiving a net down event. The deadlock involves<br />
locks in the following order:<br />
<br />
3<br />
j1939_session_list_lock -> active_session_list_lock<br />
j1939_session_activate<br />
...<br />
j1939_sk_queue_activate_next -> sk_session_queue_lock<br />
...<br />
j1939_xtp_rx_eoma_one<br />
<br />
2<br />
j1939_sk_queue_drop_all -> sk_session_queue_lock<br />
...<br />
j1939_sk_netdev_event_netdown -> j1939_socks_lock<br />
j1939_netdev_notify<br />
<br />
1<br />
j1939_sk_errqueue -> j1939_socks_lock<br />
__j1939_session_cancel -> active_session_list_lock<br />
j1939_tp_rxtimer<br />
<br />
CPU0 CPU1<br />
---- ----<br />
lock(&priv->active_session_list_lock);<br />
lock(&jsk->sk_session_queue_lock);<br />
lock(&priv->active_session_list_lock);<br />
lock(&priv->j1939_socks_lock);<br />
<br />
The solution implemented in this commit is to move the<br />
j1939_sk_errqueue() call out of the active_session_list_lock context,<br />
thus preventing the deadlock situation.