PT-2025-3024 · Linux+4 · Linux Kernel+4
Published: 2024-12-09 · Updated: 2025-09-29
CVE-2024-54460
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.12.0-rc6+
Description
A circular locking dependency warning has been detected in the Linux kernel's Bluetooth module. The issue occurs when the iso_listen_bis function is called, which can lead to a potential deadlock with the hdev lock. The warning is triggered when the kworker/u81:2/2623 task tries to acquire the sk_lock-AF_BLUETOOTH-BTPROTO_ISO lock while already holding the &hdev->lock lock.
The existing dependency chain is as follows:
- &hdev->lock is held by the hci_le_per_adv_report_evt function
- sk_lock-AF_BLUETOOTH-BTPROTO_ISO is held by the iso_connect_cfm function
This can cause a deadlock when the iso_connect_cfm function tries to acquire the &hdev->lock lock while already holding the sk_lock-AF_BLUETOOTH-BTPROTO_ISO lock.
Recommendations
To resolve this issue, update the Linux kernel to a version that includes the fix for the circular locking dependency warning.
As a temporary workaround, consider disabling the Bluetooth module until a patch is available.
Exploit
Fix
Improper Locking
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Linuxmint
Linux Kernel
Red Hat
Ubuntu