Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-47469
HistoryMay 22, 2024 - 12:00 a.m.

CVE-2021-47469

2024-05-2200:00:00
ubuntu.com
ubuntu.com
2
linux kernel
vulnerability
deadlock
spi controllers
spi buses

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

In the Linux kernel, the following vulnerability has been resolved: spi:
Fix deadlock when adding SPI controllers on SPI buses Currently we have a
global spi_add_lock which we take when adding new devices so that we can
check that we’re not trying to reuse a chip select that’s already
controlled. This means that if the SPI device is itself a SPI controller
and triggers the instantiation of further SPI devices we trigger a deadlock
as we try to register and instantiate those devices while in the process of
doing so for the parent controller and hence already holding the global
spi_add_lock. Since we only care about concurrency within a single SPI bus
move the lock to be per controller, avoiding the deadlock. This can be
easily triggered in the case of spi-mux.

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%