Linux Kernel Sleeping in Atomic Context Vulnerability in LAN966X Driver

A vulnerability has been identified in the Linux kernel's LAN966X Ethernet driver, where a mutex is improperly used in an atomic context. This issue was revealed by a warning indicating that a sleeping function was called from an invalid context, which can lead to potential deadlocks or other synchronization problems. The vulnerability affects Linux kernel versions prior to 6.18.0-rc2-00399-g6f1ab1b109b9.

Impact

The vulnerability can cause the system to hang or become unresponsive, as the improper use of a mutex in an atomic context can lead to deadlocks.

Reproduction

The vulnerability can be reproduced by connecting to a device running the affected Linux kernel version via SSH. This will trigger a warning about a sleeping function being called from an invalid context, indicating that the driver is using a mutex incorrectly in an atomic context.

Remediation

Users can update to the latest version of the Linux kernel where this issue has been fixed. The official Linux Kernel Git Repository can be used to download the patched version.