Linux Kernel USB DWC3 Gadget VBUS Draw Workqueue Context Vulnerability

A vulnerability in the Linux kernel's USB DWC3 gadget driver can lead to a kernel panic. The issue arises because the function 'dwc3_gadget_vbus_draw' can be called from an atomic context, which then invokes power-supply-core APIs. Some of these APIs may perform operations that can sleep, causing a kernel panic. This vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can cause a kernel panic, disrupting system operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by calling the 'dwc3_gadget_vbus_draw' function from an atomic context. This can be done by triggering a USB event that invokes the function while the system is in an atomic state, such as during an interrupt or within a spinlock. The function will then attempt to use power-supply-core APIs that may sleep, leading to a kernel panic.

Remediation

The vulnerability has been addressed by moving the 'vbus_draw' operation into a workqueue context, where it can be safely executed without risking a kernel panic. Users should apply the latest patches available in the Linux kernel stable tree to mitigate this issue.