Linux Kernel Deadlock Vulnerability in QCOM PDR Component

Vulnerability

A potential deadlock has been identified in the Linux kernel's QCOM PDR (Packet Data Routing) component. It arises when one process adds a lookup for a service and initiates locator work while another process receives a server packet indicating that a locator is active. The second process updates a status flag that the first process checks. The first process then takes a lock and queries the domain list, but the response to its request is queued on an ordered workqueue, behind the second process's work, which cannot complete while the lock is held. The first process's query therefore times out, and service lookups fail with a timeout error.

Impact

Exploitation of this vulnerability leads to a deadlock condition, causing timeout errors during service lookups and disrupting normal operations.

Reproduction

The vulnerability can be reproduced by having one process call 'pdr_add_lookup()' to add a service lookup while another process simultaneously calls 'pdr_locator_new_server()' after receiving a server packet. This sequence creates a deadlock when the first process tries to access the domain list, causing a timeout error.

Remediation

The vulnerability has been addressed by modifying the code to eliminate the unnecessary iteration over the service list, which was already being handled in the locator work. The updated code simply schedules the work without the redundant list processing.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.