Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A deadlock vulnerability has been identified in the Linux kernel's I3C bus implementation. The I3C master registration process acquires the bus lock twice, which can lead to recursive locking. The fix changes how device information is retrieved: the registration path reads the info field of the device descriptor directly, instead of calling a function that returns the same information but also acquires the lock, which could result in a deadlock.
Exploitation of this vulnerability can lead to a deadlock, where the system becomes unresponsive because the process that already holds the I3C bus lock waits to acquire it again.
The vulnerability can be reproduced by registering an I3C master device, which will trigger the deadlock scenario. This can be done by adding a platform driver that registers new I3C devices, causing the I3C master registration function to be called. The recursive locking can be observed in the system log, where a deadlock warning is generated, indicating that the I3C bus lock is being held by the initialization process while simultaneously trying to acquire it again, creating a deadlock condition.
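The locking pattern described above and its fix, as an added example that is not the kernel's code: a single-threaded userspace model in which every name (`bus_lock`, `dev_get_info`, `register_devs`, `dyn_addr`) is hypothetical. The bus lock is reduced to a non-recursive flag that returns `-EDEADLK` where a real lock would block forever.

```c
/* Single-threaded userspace model (constructed; all names hypothetical).
 * Where a real non-recursive lock would block forever, this returns -EDEADLK. */
#include <errno.h>
#include <stdio.h>

struct dev_info { unsigned int dyn_addr; };
struct bus      { int held; };
struct dev_desc { struct bus *bus; struct dev_info info; };

static int bus_lock(struct bus *b)
{
    if (b->held)
        return -EDEADLK;        /* real lock: the task waits on itself */
    b->held = 1;
    return 0;
}
static void bus_unlock(struct bus *b) { b->held = 0; }

/* Accessor meant for callers that do NOT already hold the bus lock. */
static int dev_get_info(struct dev_desc *d, struct dev_info *out)
{
    int ret = bus_lock(d->bus);
    if (ret)
        return ret;
    *out = d->info;
    bus_unlock(d->bus);
    return 0;
}

/* Registration holds the bus lock; via_accessor=1 is the pre-fix shape. */
static int register_devs(struct dev_desc *d, int via_accessor, struct dev_info *out)
{
    int ret = bus_lock(d->bus);
    if (ret)
        return ret;
    if (via_accessor)
        ret = dev_get_info(d, out);   /* second acquire of the same lock */
    else
        *out = d->info;               /* lock already held: read the field */
    bus_unlock(d->bus);
    return ret;
}

int main(void)
{
    struct bus b = { 0 };
    struct dev_desc d = { &b, { 0x09 } };   /* constructed sample device */
    struct dev_info i = { 0 };
    int pre = register_devs(&d, 1, &i), post = register_devs(&d, 0, &i);
    printf("pre-fix: %d, fixed: %d, addr 0x%02x\n", pre, post, i.dyn_addr);
    return 0;
}
```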
The vulnerability has been fixed in the official Linux Git repository. Users should upgrade to the latest version to address this issue.