Linux · Linux Kernel · CVE-2025-21859
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A deadlock issue occurs when using USB MIDI due to a re-entrant call to `f midi transmit()`, causing an attempt to acquire a lock twice. This issue is resolved by using `queue work()` to schedule the inner `f midi transmit()` function via a high priority work queue from the completion handler.
Recommendations:
To resolve the issue, use `queue work()` to schedule the inner `f midi transmit()` function via a high priority work queue from the completion handler, as implemented in the fix.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.