PT-2026-38970 · Linux · Linux Kernel

Published: 2026-05-08 · Updated: 2026-05-15 · CVE-2026-43319

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A lock inversion exists in the spidev driver involving two mutexes, spi_lock and buf_lock. These locks were acquired in different orders depending on the execution path: the write() and read() functions acquired buf_lock and then spi_lock, while the ioctl() function acquired spi_lock and then buf_lock. This AB-BA locking pattern can lead to circular locking dependencies and deadlocks, causing the SPI system to hang. The issue is triggered when a userspace program performs write() and SPI_IOC_WR_MAX_SPEED_HZ ioctl() calls from separate threads on the same spidev file descriptor.

Recommendations: Update the Linux kernel to a version where buf_lock has been removed and the locking model simplified to use only spi_lock for serializing access.
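
The ordering problem described above, shown as an added example that is not part of the advisory or the kernel source: a minimal lock-order check in C, in the spirit of the kernel's lockdep, run over the two acquisition orders from the description and over the single-lock model from the recommendation. The function names and path labels are assumptions made for illustration, and the check only looks for direct pairwise inversions, which is sufficient for two locks.

```c
#include <stdio.h>
#include <string.h>

/* Lock classes named after the two spidev mutexes in the advisory. */
enum lock_id { SPI_LOCK, BUF_LOCK, NLOCKS };
static const char *lock_name[NLOCKS] = { "spi_lock", "buf_lock" };

/* order[a][b] != 0 means some earlier path took b while holding a. */
struct order_graph { int order[NLOCKS][NLOCKS]; };

/* Record one path's acquisition sequence (outermost lock first) and
 * return how many pairs invert an order recorded by an earlier path. */
static int record_path(struct order_graph *g, const char *path,
                       const enum lock_id *seq, int n)
{
    int inversions = 0;
    for (int i = 0; i < n; i++) {
        for (int j = i + 1; j < n; j++) {
            enum lock_id held = seq[i], taken = seq[j];
            if (g->order[taken][held]) {
                printf("%s: %s -> %s inverts earlier %s -> %s (AB-BA)\n",
                       path, lock_name[held], lock_name[taken],
                       lock_name[taken], lock_name[held]);
                inversions++;
            }
            g->order[held][taken] = 1;
        }
    }
    return inversions;
}

/* Ordering before the fix, as stated in the description. */
static int check_prefix_ordering(void)
{
    struct order_graph g;
    const enum lock_id rw[]  = { BUF_LOCK, SPI_LOCK }; /* read()/write() */
    const enum lock_id ioc[] = { SPI_LOCK, BUF_LOCK }; /* ioctl() */
    memset(&g, 0, sizeof g);
    return record_path(&g, "write", rw, 2) + record_path(&g, "ioctl", ioc, 2);
}

/* Model after the fix: every path takes only spi_lock. */
static int check_fixed_ordering(void)
{
    struct order_graph g;
    const enum lock_id only[] = { SPI_LOCK };
    memset(&g, 0, sizeof g);
    return record_path(&g, "write", only, 1) + record_path(&g, "ioctl", only, 1);
}

int main(void)
{
    printf("pre-fix inversions: %d\n", check_prefix_ordering());
    printf("fixed inversions: %d\n", check_fixed_ordering());
    return 0;
}
```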

Fix

Weakness Enumeration: Improper Locking

Related Identifiers: CVE-2026-43319

Affected Products: Linux Kernel