CVE-2025-38132
coresight: holding cscfg_csdev_lock while removing cscfg from csdev
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
coresight: holding cscfg_csdev_lock while removing cscfg from csdev
In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfg_csdev_lock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 (perf enable) load module cscfg_load_config_sets() activate config. // sysfs (sys_active_cnt == 1) ... cscfg_csdev_enable_active_config() lock(csdev->cscfg_csdev_lock) deactivate config // sysfs (sys_activec_cnt == 0) cscfg_unload_config_sets() <iterating config_csdev_list> cscfg_remove_owned_csdev_configs() // here load config activate by CPU1 unlock(csdev->cscfg_csdev_lock) iterating config_csdev_list could be raced with config_csdev_list's entry delete. To resolve this race , hold csdev->cscfg_csdev_lock() while cscfg_remove_owned_csdev_configs()
Reserved 2025-04-16 | Published 2025-07-03 | Updated 2025-07-03 | Assigner Linuxgit.kernel.org/...c/42f8afb0b161631fd1d814d017f75f955475ad41
git.kernel.org/...c/53b9e2659719b04f5ba7593f2af0f2335f75e94a
Support options
