5.5

CVE-2026-45849

net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()

In the Linux kernel, the following vulnerability has been resolved:

net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()

ocelot_port_xmit_inj() calls ocelot_can_inject() and
ocelot_port_inject_frame() without holding the injection group lock.
Both functions contain lockdep_assert_held() for the injection lock,
and the correct caller felix_port_deferred_xmit() properly acquires
the lock using ocelot_lock_inj_grp() before calling these functions.

Add ocelot_lock_inj_grp()/ocelot_unlock_inj_grp() around the register
injection path to fix the missing lock protection. The FDMA path is not
affected as it uses its own locking mechanism.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.1.107 < 6.1.165
LinuxLinux Kernel Version >= 6.6.48 < 6.6.128
LinuxLinux Kernel Version >= 6.10.7 < 6.11
LinuxLinux Kernel Version >= 6.11.1 < 6.12.75
LinuxLinux Kernel Version >= 6.13 < 6.18.14
LinuxLinux Kernel Version >= 6.19 < 6.19.4
LinuxLinux Kernel Version6.11 Update-
LinuxLinux Kernel Version6.11 Updaterc5
LinuxLinux Kernel Version6.11 Updaterc6
LinuxLinux Kernel Version6.11 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.034
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/0b217a40156f497e09dd20d3f7baec40c785f386
Patch
https://git.kernel.org/stable/c/cc1b179f778f98270bdbbb48d183b4b6427ae198
Patch
https://git.kernel.org/stable/c/7ac58d8832802ec89baa7539e13e6d58a88cce04
Patch
https://git.kernel.org/stable/c/51c32ae7fae14552d79f7139614b77c1bbd57a48
Patch
https://git.kernel.org/stable/c/63da961381e0d979459dede713001f8452364477
Patch
https://git.kernel.org/stable/c/026f6513c5880c2c89e38ad66bbec2868f978605
Patch