Description
In the Linux kernel, the following vulnerability has been resolved: net: usb: r8152: fix resume reset deadlock rtl8152 can trigger device reset during reset which potentially can result in a deadlock: **** DPM device timeout after 10 seconds; 15 seconds until panic **** Call Trace: <TASK> schedule+0x483/0x1370 schedule_preempt_disabled+0x15/0x30 __mutex_lock_common+0x1fd/0x470 __rtl8152_set_mac_address+0x80/0x1f0 dev_set_mac_address+0x7f/0x150 rtl8152_post_reset+0x72/0x150 usb_reset_device+0x1d0/0x220 rtl8152_resume+0x99/0xc0 usb_resume_interface+0x3e/0xc0 usb_resume_both+0x104/0x150 usb_resume+0x22/0x110 The problem is that rtl8152 resume calls reset under tp->control mutex while reset basically re-enters rtl8152 and attempts to acquire the same tp->control lock once again. Reset INACCESSIBLE device outside of tp->control mutex scope to avoid recursive mutex_lock() deadlock.
Product status
4933b066fefbee4f1d2d708de53c4ab7f09026ad (git) before 61c8091b7937f91f9bc0b7f6b578de270fe35dc7
4933b066fefbee4f1d2d708de53c4ab7f09026ad (git) before 1b2efc593dca99d8e8e6f6d6c7ccd9a972679702
4933b066fefbee4f1d2d708de53c4ab7f09026ad (git) before 6d06bc83a5ae8777a5f7a81c32dd75b8d9b2fe04
6.11
Any version before 6.11
6.12.70 (semver)
6.18.10 (semver)
6.19 (original_commit_for_fix)
References
git.kernel.org/...c/61c8091b7937f91f9bc0b7f6b578de270fe35dc7
git.kernel.org/...c/1b2efc593dca99d8e8e6f6d6c7ccd9a972679702
git.kernel.org/...c/6d06bc83a5ae8777a5f7a81c32dd75b8d9b2fe04