CVE-2026-45849

In the Linux kernel, the following vulnerability has been resolved:

net: mscc: ocelot: add missing lock protection in ocelot port xmit inj()

ocelot port xmit inj() calls ocelot can inject() and ocelot port inject frame() without holding the injection group lock. Both functions contain lockdep assert held() for the injection lock, and the correct caller felix port deferred xmit() properly acquires the lock using ocelot lock inj grp() before calling these functions.

Add ocelot lock inj grp()/ocelot unlock inj grp() around the register injection path to fix the missing lock protection. The FDMA path is not affected as it uses its own locking mechanism.