Eva Kurchatova

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the `i2c hid xfer()` function in the `i2c-hid` component of the Linux kernel. The problem arises when the `I2C HID READ PENDING` flag is set and an interrupt occurs, causing the interrupt handler `i2c hid irq` to return immediately without taking any action. This leads to the interrupt handler being invoked again in an infinite loop, resulting in a lock-up. The `I2C HID READ PENDING` flag is used to serialize I2C operations, but it is not necessary because the I2C core already has its own locking mechanism. **Recommendations** To resolve the issue, remove the `I2C HID READ PENDING` flag to prevent lock-up. As a temporary workaround, consider disabling the `i2c hid xfer()` function until a patch is available. Restrict access to the `i2c-hid` component to minimize the risk of exploitation. Avoid using the `I2C HID READ PENDING` flag in the affected API endpoints until the issue is resolved. Update to a newer version of the Linux kernel, such as version 6.6.37, which fixes bugs and vulnerabilities, including this issue.