CVE-2026-53103
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7925: fix potential deadlock in mt7925_roc_abort_sync
roc_abort_sync() can deadlock with roc_work(). roc_work() holds dev->mt76.mutex, while cancel_work_sync() waits for roc_work() to finish. If the caller already owns the same mutex, both sides block and no progress is possible.
This deadlock can occur during station removal when mt76_sta_state() -> mt76_sta_remove() -> mt7925_mac_sta_remove_link() -> mt7925_mac_link_sta_remove() -> mt7925_roc_abort_sync() invokes cancel_work_sync() while roc_work() is still running and holding dev->mt76.mutex.
This avoids the mutex deadlock and preserves exactly-once work ownership.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 45064d19fd3af6aeb0887b35b5564927980cf150 < 153bcba36c87a1ba555b57b6c49028d5812f895b | affected |
| Linux | Linux | 45064d19fd3af6aeb0887b35b5564927980cf150 < 2d8e0053bca29143ace51e08c980ff076844a4b0 | affected |
| Linux | Linux | 45064d19fd3af6aeb0887b35b5564927980cf150 < dd08ca3f092f4185ece69ce2a835c23198b1628a | affected |
| Linux | Linux | 978d1756b3ae1b857826eb7ed8181f3c5180dce9 | affected |
| Linux | Linux | 6.11.2 < 6.12 | affected |
| Linux | Linux | 6.12 | affected |
| Linux | Linux | 0 < 6.12 | unaffected |
| Linux | Linux | 6.18.33 <= 6.18.* | unaffected |
| Linux | Linux | 7.0.10 <= 7.0.* | unaffected |
| Linux | Linux | 7.1 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/153bcba36c87a1ba555b57b6c49028d5812f895b
- https://git.kernel.org/stable/c/2d8e0053bca29143ace51e08c980ff076844a4b0
- https://git.kernel.org/stable/c/dd08ca3f092f4185ece69ce2a835c23198b1628a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.