In the Linux kernel, the following vulnerability has been resolved:
USB: core: Fix deadlock in port "disable" sysfs attribute
The show and store callback routines for the "disable" sysfs attribute file in port.c acquire the device lock for the port's parent hub device. This can cause problems if another process has locked the hub to remove it or change its configuration:
Removing the hub or changing its configuration requires the
hub interface to be removed, which requires the port device
to be removed, and device_del() waits until all outstanding
sysfs attribute callbacks for the ports have returned. The
lock can't be released until then.
But the disable_show() or disable_store() routine can't return
until after it has acquired the lock.
The resulting deadlock can be avoided by calling sysfsbreakactiveprotection(). This will cause the sysfs core not to wait for the attribute's callback routine to return, allowing the removal to proceed. The disadvantage is that after making this call, there is no guarantee that the hub structure won't be deallocated at any moment. To prevent this, we have to acquire a reference to it first by calling hubget().
{ "vanir_signatures": [ { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_show" }, "deprecated": false, "digest": { "length": 661.0, "function_hash": "37636659622393138531694318488977617614" }, "id": "CVE-2024-26933-04cc347f", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@73d1589b91f2099e5f6534a8497b7c6b527e064e" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_show" }, "deprecated": false, "digest": { "length": 661.0, "function_hash": "37636659622393138531694318488977617614" }, "id": "CVE-2024-26933-0da00049", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dac54f08198147f5ec0ec52fcf1bc8ac899ac05" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_show" }, "deprecated": false, "digest": { "length": 661.0, "function_hash": "37636659622393138531694318488977617614" }, "id": "CVE-2024-26933-1627642e", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4facc9421117ba9d8148c73771b213887fec77f7" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_store" }, "deprecated": false, "digest": { "length": 860.0, "function_hash": "50033942325157559987423791923821243277" }, "id": "CVE-2024-26933-31dda12d", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@73d1589b91f2099e5f6534a8497b7c6b527e064e" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "drivers/usb/core/port.c" }, "deprecated": false, "digest": { "line_hashes": [ "124124045036899436569161070295595321865", "326887834523353942653519193964280325419", "38586705395991690919735502820911824194", "139407035192693395387539503100523854874", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "55762583053224496597156531192207606646", "86370027341593792303759598439799789148", "60327275114857330868864218525914874543", "167328098052921327121952760193688001015", "120182405466693735386686343083452268070", "74699283725168474774306148980013394388", "240926079715357974461884545839157582378", "174798319353103657856904626483135351943", "12100127611703284219116342607608385116", "134930433727958339848591324817453396552", "297554066257086817194536068822597395964", "139363897085626931608232261585189689926", "81078741684642585168402637371131384652", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "273715955907387436636965930678712306264", "5436533513113353330963380175911228589", "79703716833602937183347318039239600435", "27163837526590080694860098822300783095", "244732656672976450350753721248872890533", "318816572062315508842336938147569101968" ], "threshold": 0.9 }, "id": "CVE-2024-26933-32a8ca73", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@73d1589b91f2099e5f6534a8497b7c6b527e064e" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_store" }, "deprecated": false, "digest": { "length": 860.0, "function_hash": "50033942325157559987423791923821243277" }, "id": "CVE-2024-26933-44903e4f", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dac54f08198147f5ec0ec52fcf1bc8ac899ac05" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "drivers/usb/core/port.c" }, "deprecated": false, "digest": { "line_hashes": [ "124124045036899436569161070295595321865", "326887834523353942653519193964280325419", "38586705395991690919735502820911824194", "139407035192693395387539503100523854874", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "55762583053224496597156531192207606646", "86370027341593792303759598439799789148", "60327275114857330868864218525914874543", "167328098052921327121952760193688001015", "120182405466693735386686343083452268070", "74699283725168474774306148980013394388", "240926079715357974461884545839157582378", "174798319353103657856904626483135351943", "12100127611703284219116342607608385116", "134930433727958339848591324817453396552", "297554066257086817194536068822597395964", "139363897085626931608232261585189689926", "81078741684642585168402637371131384652", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "273715955907387436636965930678712306264", "5436533513113353330963380175911228589", "79703716833602937183347318039239600435", "27163837526590080694860098822300783095", "244732656672976450350753721248872890533", "318816572062315508842336938147569101968" ], "threshold": 0.9 }, "id": "CVE-2024-26933-6b6ebe73", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4d1960764d8a70318b02f15203a1be2b2554ca1" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_store" }, "deprecated": false, "digest": { "length": 860.0, "function_hash": "50033942325157559987423791923821243277" }, "id": "CVE-2024-26933-85ac0380", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f51849833705dea5b4f9b0c8de714dd87bd6c95c" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "drivers/usb/core/port.c" }, "deprecated": false, "digest": { "line_hashes": [ "124124045036899436569161070295595321865", "326887834523353942653519193964280325419", "38586705395991690919735502820911824194", "139407035192693395387539503100523854874", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "55762583053224496597156531192207606646", "86370027341593792303759598439799789148", "60327275114857330868864218525914874543", "167328098052921327121952760193688001015", "120182405466693735386686343083452268070", "74699283725168474774306148980013394388", "240926079715357974461884545839157582378", "174798319353103657856904626483135351943", "12100127611703284219116342607608385116", "134930433727958339848591324817453396552", "297554066257086817194536068822597395964", "139363897085626931608232261585189689926", "81078741684642585168402637371131384652", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "273715955907387436636965930678712306264", "5436533513113353330963380175911228589", "79703716833602937183347318039239600435", "27163837526590080694860098822300783095", "244732656672976450350753721248872890533", "318816572062315508842336938147569101968" ], "threshold": 0.9 }, "id": "CVE-2024-26933-95fa5f81", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4facc9421117ba9d8148c73771b213887fec77f7" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "drivers/usb/core/port.c" }, "deprecated": false, "digest": { "line_hashes": [ "124124045036899436569161070295595321865", "326887834523353942653519193964280325419", "38586705395991690919735502820911824194", "139407035192693395387539503100523854874", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "55762583053224496597156531192207606646", "86370027341593792303759598439799789148", "60327275114857330868864218525914874543", "167328098052921327121952760193688001015", "120182405466693735386686343083452268070", "74699283725168474774306148980013394388", "240926079715357974461884545839157582378", "174798319353103657856904626483135351943", "12100127611703284219116342607608385116", "134930433727958339848591324817453396552", "297554066257086817194536068822597395964", "139363897085626931608232261585189689926", "81078741684642585168402637371131384652", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "273715955907387436636965930678712306264", "5436533513113353330963380175911228589", "79703716833602937183347318039239600435", "27163837526590080694860098822300783095", "244732656672976450350753721248872890533", "318816572062315508842336938147569101968" ], "threshold": 0.9 }, "id": "CVE-2024-26933-a2b07ded", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f51849833705dea5b4f9b0c8de714dd87bd6c95c" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_show" }, "deprecated": false, "digest": { "length": 661.0, "function_hash": "37636659622393138531694318488977617614" }, "id": "CVE-2024-26933-a6d67dd9", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4d1960764d8a70318b02f15203a1be2b2554ca1" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_show" }, "deprecated": false, "digest": { "length": 661.0, "function_hash": "37636659622393138531694318488977617614" }, "id": "CVE-2024-26933-a74fbb7f", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f51849833705dea5b4f9b0c8de714dd87bd6c95c" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "drivers/usb/core/port.c" }, "deprecated": false, "digest": { "line_hashes": [ "124124045036899436569161070295595321865", "326887834523353942653519193964280325419", "38586705395991690919735502820911824194", "139407035192693395387539503100523854874", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "55762583053224496597156531192207606646", "86370027341593792303759598439799789148", "60327275114857330868864218525914874543", "167328098052921327121952760193688001015", "120182405466693735386686343083452268070", "74699283725168474774306148980013394388", "240926079715357974461884545839157582378", "103054053711194591297063725984990359862", "273801271446902368297959174611727074659", "321986271576032606030593970552667753540", "322731579964309974937543987847389460288", "139363897085626931608232261585189689926", "81078741684642585168402637371131384652", "140356554113422913868213642176260313198", "40509844877883886826106271776309033633", "48586636410518339489213555006975358238", "273715955907387436636965930678712306264", "5436533513113353330963380175911228589", "79703716833602937183347318039239600435", "27163837526590080694860098822300783095", "244732656672976450350753721248872890533", "318816572062315508842336938147569101968" ], "threshold": 0.9 }, "id": "CVE-2024-26933-a8991407", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dac54f08198147f5ec0ec52fcf1bc8ac899ac05" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_store" }, "deprecated": false, "digest": { "length": 860.0, "function_hash": "50033942325157559987423791923821243277" }, "id": "CVE-2024-26933-c3ebbb60", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4d1960764d8a70318b02f15203a1be2b2554ca1" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "drivers/usb/core/port.c", "function": "disable_store" }, "deprecated": false, "digest": { "length": 860.0, "function_hash": "50033942325157559987423791923821243277" }, "id": "CVE-2024-26933-dddef75b", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4facc9421117ba9d8148c73771b213887fec77f7" } ] }