CVE-2026-45849
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()
ocelot_port_xmit_inj() calls ocelot_can_inject() and ocelot_port_inject_frame() without holding the injection group lock. Both functions contain lockdep_assert_held() for the injection lock, and the correct caller felix_port_deferred_xmit() properly acquires the lock using ocelot_lock_inj_grp() before calling these functions.
Add ocelot_lock_inj_grp()/ocelot_unlock_inj_grp() around the register injection path to fix the missing lock protection. The FDMA path is not affected as it uses its own locking mechanism.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 960ec92774e152b677ccd0006abcab7b9dd814c2 < 0b217a40156f497e09dd20d3f7baec40c785f386 | affected |
| Linux | Linux | e83b49ecb569c9c5fa7cc30e55cf2c15f71f9f39 < cc1b179f778f98270bdbbb48d183b4b6427ae198 | affected |
| Linux | Linux | c5e12ac3beb0dd3a718296b2d8af5528e9ab728e < 7ac58d8832802ec89baa7539e13e6d58a88cce04 | affected |
| Linux | Linux | c5e12ac3beb0dd3a718296b2d8af5528e9ab728e < 51c32ae7fae14552d79f7139614b77c1bbd57a48 | affected |
| Linux | Linux | c5e12ac3beb0dd3a718296b2d8af5528e9ab728e < 63da961381e0d979459dede713001f8452364477 | affected |
| Linux | Linux | c5e12ac3beb0dd3a718296b2d8af5528e9ab728e < 026f6513c5880c2c89e38ad66bbec2868f978605 | affected |
| Linux | Linux | 609cd73bf38bbd48f1e695e01802114b01aa8811 | affected |
| Linux | Linux | 6.1.107 < 6.1.165 | affected |
| Linux | Linux | 6.6.48 < 6.6.128 | affected |
| Linux | Linux | 6.10.7 < 6.11 | affected |
| Linux | Linux | 6.11 | affected |
| Linux | Linux | 0 < 6.11 | unaffected |
| Linux | Linux | 6.1.165 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.128 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.75 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.14 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.4 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/0b217a40156f497e09dd20d3f7baec40c785f386
- https://git.kernel.org/stable/c/cc1b179f778f98270bdbbb48d183b4b6427ae198
- https://git.kernel.org/stable/c/7ac58d8832802ec89baa7539e13e6d58a88cce04
- https://git.kernel.org/stable/c/51c32ae7fae14552d79f7139614b77c1bbd57a48
- https://git.kernel.org/stable/c/63da961381e0d979459dede713001f8452364477
- https://git.kernel.org/stable/c/026f6513c5880c2c89e38ad66bbec2868f978605
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.