CVE-2025-23144

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-23144
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-23144.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-23144
Downstream
Related
Published
2025-05-01T13:15:50Z
Modified
2025-08-09T19:01:28Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

backlight: ledbl: Hold ledaccess lock when calling ledsysfsdisable()

Lockdep detects the following issue on led-backlight removal: [ 142.315935] ------------[ cut here ]------------ [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 ledsysfsenable+0x54/0x80 ... [ 142.500725] Call trace: [ 142.503176] ledsysfsenable+0x54/0x80 (P) [ 142.507370] ledblremove+0x80/0xa8 [ledbl] [ 142.511742] platformremove+0x30/0x58 [ 142.515501] device_remove+0x54/0x90 ...

Indeed, ledsysfsenable() has to be called with the led_access lock held.

Hold the lock when calling ledsysfsdisable().

References

Affected packages