PT-2025-3021 · Linux+3 · Linux Kernel+3

Published 2024-12-12 · Updated 2025-09-29

CVE-2024-54191

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.12.0-rc6+

Description

A circular locking dependency warning has been detected in the Linux kernel's Bluetooth module. The issue occurs when the iso_sock_recvmsg function is called, and it can lead to a deadlock. The warning is raised by the kernel's locking mechanism, which detects a possible circular locking dependency between the hdev->lock and sk_lock-AF_BLUETOOTH locks. The existing dependency chain is complex and involves multiple locks, including sk_lock-AF_BLUETOOTH-BTPROTO_ISO and sk_lock-AF_BLUETOOTH. The issue is resolved by reworking the iso_sock_recvmsg function so that the socket lock is always released before calling a function that locks hdev.

Recommendations

To resolve this issue, update the Linux kernel to a version that includes the fix for the circular locking dependency warning. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Improper Locking

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-17881
BDU:2025-15352
CVE-2024-54191
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Ubuntu