5.5

CVE-2025-37967

usb: typec: ucsi: displayport: Fix deadlock

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: ucsi: displayport: Fix deadlock

This patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlock
functions to the UCSI driver. ucsi_con_mutex_lock ensures the connector
mutex is only locked if a connection is established and the partner pointer
is valid. This resolves a deadlock scenario where
ucsi_displayport_remove_partner holds con->mutex waiting for
dp_altmode_work to complete while dp_altmode_work attempts to acquire it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.2 < 5.15.184
LinuxLinux Kernel Version >= 5.16 < 6.1.140
LinuxLinux Kernel Version >= 6.2 < 6.6.92
LinuxLinux Kernel Version >= 6.7 < 6.12.30
LinuxLinux Kernel Version >= 6.13 < 6.14.7
LinuxLinux Kernel Version6.15 Updaterc1
LinuxLinux Kernel Version6.15 Updaterc2
LinuxLinux Kernel Version6.15 Updaterc3
LinuxLinux Kernel Version6.15 Updaterc4
LinuxLinux Kernel Version6.15 Updaterc5
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.02
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/61fc1a8e1e10cc784cab5829930838aaf1d37af5
Patch
https://git.kernel.org/stable/c/364618c89d4c57c85e5fc51a2446cd939bf57802
Patch
https://git.kernel.org/stable/c/5924b324468845fc795bd76f588f51d7ab4f202d
Patch
https://git.kernel.org/stable/c/962ce9028ca6eb450d5c205238a3ee27de9d214d
Patch
https://git.kernel.org/stable/c/f32451ca4cb7dc53f2a0e2e66b84d34162747eb7
Patch
https://git.kernel.org/stable/c/f4bd982563c2fd41ec9ca6c517c392d759db801c
Patch
https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
Third Party Advisory