Description
In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939_sk_errqueue() This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a net down event. The deadlock involves locks in the following order: 3 j1939_session_list_lock -> active_session_list_lock j1939_session_activate ... j1939_sk_queue_activate_next -> sk_session_queue_lock ... j1939_xtp_rx_eoma_one 2 j1939_sk_queue_drop_all -> sk_session_queue_lock ... j1939_sk_netdev_event_netdown -> j1939_socks_lock j1939_netdev_notify 1 j1939_sk_errqueue -> j1939_socks_lock __j1939_session_cancel -> active_session_list_lock j1939_tp_rxtimer CPU0 CPU1 ---- ---- lock(&priv->active_session_list_lock); lock(&jsk->sk_session_queue_lock); lock(&priv->active_session_list_lock); lock(&priv->j1939_socks_lock); The solution implemented in this commit is to move the j1939_sk_errqueue() call out of the active_session_list_lock context, thus preventing the deadlock situation.
Product status
5b9272e93f2efe3f6cda60cc2c26817b2ce49386 (git) before 8a581b71cf686b4cd1a85c9c2dfc2fb88382c3b4
5b9272e93f2efe3f6cda60cc2c26817b2ce49386 (git) before ace6aa2ab5ba5869563ca689bbd912100514ae7b
5b9272e93f2efe3f6cda60cc2c26817b2ce49386 (git) before f09ce9d765de1f064ce3919f57c6beb061744784
5b9272e93f2efe3f6cda60cc2c26817b2ce49386 (git) before d1366b283d94ac4537a4b3a1e8668da4df7ce7e9
5.15
Any version before 5.15
5.15.106 (semver)
6.1.23 (semver)
6.2.10 (semver)
6.3 (original_commit_for_fix)
References
git.kernel.org/...c/8a581b71cf686b4cd1a85c9c2dfc2fb88382c3b4
git.kernel.org/...c/ace6aa2ab5ba5869563ca689bbd912100514ae7b
git.kernel.org/...c/f09ce9d765de1f064ce3919f57c6beb061744784
git.kernel.org/...c/d1366b283d94ac4537a4b3a1e8668da4df7ce7e9
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.
