Primary

Context

Linux Kernel Circular Locking Dependency Vulnerability in Xilinx UARTPS TTY Handling

Vulnerability

A vulnerability in the Linux kernel's handling of the Xilinx UARTPS TTY subsystem has been identified, related to improper management of system request (sysrq) commands. The issue arises from a circular locking dependency that can lead to a deadlock. When the console writes to the UART port, it may attempt to acquire a lock that is already held by another process handling a sysrq command, creating a conflict. The vulnerability has been addressed by modifying the sysrq handling to prevent such circular dependencies.

Impact

Exploitation of this vulnerability can lead to a deadlock situation, where two processes are stuck waiting for each other to release locks, causing a halt in execution.

Remediation

Users can apply the latest patches available in the Linux kernel repository to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Circular Locking Dependency Vulnerability in Xilinx UARTPS TTY Handling

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating