PT-2025-25869 · Linux+2 · Linux Kernel+2
Published 2022-08-30 · Updated 2026-05-26 · CVE-2022-49943
CVSS v3.1: 5.5 (Medium)
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.19.0-rc7+
Description
A lockdep violation has been resolved in the Linux kernel. The scope of the udc mutex was too large, which allowed the gadget core to trigger an obscure lockdep violation: a possible circular locking dependency. The technical details involve the udc_lock mutex and the usb_udc_uevent function. The kernfs_seq_start function and the kn->active#4 lock are also part of the dependency chain.
Recommendations
For Linux kernel versions prior to 5.19.0-rc7+, update to a version that includes the fix for the lockdep violation.
As a temporary workaround, consider adding a check to prevent a UDC from connecting while it has no gadget driver.
Restrict access to the soft_connect_store function to minimize the risk of exploitation until the issue is resolved.
Acquire the gadget's device lock instead of the udc mutex in the soft_connect_store function to ensure mutual exclusion.
Add the missing lock and unlock calls to the function_show routine to protect it while dereferencing udc->driver.
Exploit
Fix
DoS
Improper Locking
NULL Pointer Dereference
Affected Products
Linux Kernel
Red Hat
Suse