In the Linux kernel, the following vulnerability has been resolved:
r8169: fix LED-related deadlock on module removal
Binding devm_led_classdev_register() to the netdev is problematic
because on module removal we get a RTNL-related deadlock. Fix this
by avoiding the device-managed LED functions.
Note: We can safely call led_classdev_unregister() for a LED even
if registering it failed, because led_classdev_unregister() detects
this and is a no-op in this case.
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "18764b883e15",
"lessThan": "53d986f39acd",
"versionType": "git"
},
{
"status": "affected",
"version": "18764b883e15",
"lessThan": "19fa4f2a85d7",
"versionType": "git"
}
],
"programFiles": [
"drivers/net/ethernet/realtek/r8169.h",
"drivers/net/ethernet/realtek/r8169_leds.c",
"drivers/net/ethernet/realtek/r8169_main.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "6.8",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom",
"lessThanOrEqual": "6.8.*"
},
{
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/net/ethernet/realtek/r8169.h",
"drivers/net/ethernet/realtek/r8169_leds.c",
"drivers/net/ethernet/realtek/r8169_main.c"
],
"defaultStatus": "affected"
}
]