CVE-2025-37907

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> accel/ivpu: Fix locking order in ivpu_job_submit<br /> <br /> Fix deadlock in job submission and abort handling.<br /> When a thread aborts currently executing jobs due to a fault,<br /> it first locks the global lock protecting submitted_jobs (#1).<br /> <br /> After the last job is destroyed, it proceeds to release the related context<br /> and locks file_priv (#2). Meanwhile, in the job submission thread,<br /> the file_priv lock (#2) is taken first, and then the submitted_jobs<br /> lock (#1) is obtained when a job is added to the submitted jobs list.<br /> <br /> CPU0 CPU1<br /> ---- ----<br /> (for example due to a fault) (jobs submissions keep coming)<br /> <br /> lock(&amp;vdev-&gt;submitted_jobs_lock) #1<br /> ivpu_jobs_abort_all()<br /> job_destroy()<br /> lock(&amp;file_priv-&gt;lock) #2<br /> lock(&amp;vdev-&gt;submitted_jobs_lock) #1<br /> file_priv_release()<br /> lock(&amp;vdev-&gt;context_list_lock)<br /> lock(&amp;file_priv-&gt;lock) #2<br /> <br /> This order of locking causes a deadlock. To resolve this issue,<br /> change the order of locking in ivpu_job_submit().