Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-38404

Опубликовано: 25 июл. 2025
Источник: nvd
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: displayport: Fix potential deadlock

The deadlock can occur due to a recursive lock acquisition of cros_typec_altmode_data::mutex. The call chain is as follows:

  1. cros_typec_altmode_work() acquires the mutex
  2. typec_altmode_vdm() -> dp_altmode_vdm() ->
  3. typec_altmode_exit() -> cros_typec_altmode_exit()
  4. cros_typec_altmode_exit() attempts to acquire the mutex again

To prevent this, defer the typec_altmode_exit() call by scheduling it rather than calling it directly from within the mutex-protected context.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:6.1.143:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6.96:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%
0.00014
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-667

Связанные уязвимости

ubuntu логотип

CVE-2025-38404

CVSS3: 5.5
ubuntu
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of `cros_typec_altmode_data::mutex`. The call chain is as follows: 1. cros_typec_altmode_work() acquires the mutex 2. typec_altmode_vdm() -> dp_altmode_vdm() -> 3. typec_altmode_exit() -> cros_typec_altmode_exit() 4. cros_typec_altmode_exit() attempts to acquire the mutex again To prevent this, defer the `typec_altmode_exit()` call by scheduling it rather than calling it directly from within the mutex-protected context.

redhat логотип

CVE-2025-38404

CVSS3: 5.5
redhat
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of `cros_typec_altmode_data::mutex`. The call chain is as follows: 1. cros_typec_altmode_work() acquires the mutex 2. typec_altmode_vdm() -> dp_altmode_vdm() -> 3. typec_altmode_exit() -> cros_typec_altmode_exit() 4. cros_typec_altmode_exit() attempts to acquire the mutex again To prevent this, defer the `typec_altmode_exit()` call by scheduling it rather than calling it directly from within the mutex-protected context.

msrc логотип

CVE-2025-38404

CVSS3: 5.5
msrc
5 месяцев назад

usb: typec: displayport: Fix potential deadlock

debian логотип

CVE-2025-38404

CVSS3: 5.5
debian
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: u ...

github логотип

GHSA-whrv-p2hp-qr7f

CVSS3: 5.5
github
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of `cros_typec_altmode_data::mutex`. The call chain is as follows: 1. cros_typec_altmode_work() acquires the mutex 2. typec_altmode_vdm() -> dp_altmode_vdm() -> 3. typec_altmode_exit() -> cros_typec_altmode_exit() 4. cros_typec_altmode_exit() attempts to acquire the mutex again To prevent this, defer the `typec_altmode_exit()` call by scheduling it rather than calling it directly from within the mutex-protected context.

EPSS

Процентиль: 2%
0.00014
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-667