CVE-2024-43098: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock

A deadlock may happen since the i3c_master_register() acquires &i3cbus->lock twice. See the log below. Use i3cdev->desc->info instead of calling i3c_device_info() to avoid acquiring the lock twice.

v2:
- Modified the title and commit message

============================================
WARNING: possible recursive locking detected
6.11.0-mainline
--------------------------------------------
init/1 is trying to acquire lock:
f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_bus_normaluse_lock

but task is already holding lock:
f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&i3cbus->lock);
  lock(&i3cbus->lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

2 locks held by init/1:
 #0: fcffff809b6798f8 (&dev->mutex){....}-{3:3}, at: __driver_attach
 #1: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register

stack backtrace:
CPU: 6 UID: 0 PID: 1 Comm: init
Call trace:
 dump_backtrace+0xfc/0x17c
 show_stack+0x18/0x28
 dump_stack_lvl+0x40/0xc0
 dump_stack+0x18/0x24
 print_deadlock_bug+0x388/0x390
 __lock_acquire+0x18bc/0x32ec
 lock_acquire+0x134/0x2b0
 down_read+0x50/0x19c
 i3c_bus_normaluse_lock+0x14/0x24
 i3c_device_get_info+0x24/0x58
 i3c_device_uevent+0x34/0xa4
 dev_uevent+0x310/0x384
 kobject_uevent_env+0x244/0x414
 kobject_uevent+0x14/0x20
 device_add+0x278/0x460
 device_register+0x20/0x34
 i3c_master_register_new_i3c_devs+0x78/0x154
 i3c_master_register+0x6a0/0x6d4
 mtk_i3c_master_probe+0x3b8/0x4d8
 platform_probe+0xa0/0xe0
 really_probe+0x114/0x454
 __driver_probe_device+0xa0/0x15c
 driver_probe_device+0x3c/0x1ac
 __driver_attach+0xc4/0x1f0
 bus_for_each_dev+0x104/0x160
 driver_attach+0x24/0x34
 bus_add_driver+0x14c/0x294
 driver_register+0x68/0x104
 __platform_driver_register+0x20/0x30
 init_module+0x20/0xfe4
 do_one_initcall+0x184/0x464
 do_init_module+0x58/0x1ec
 load_module+0xefc/0x10c8
 __arm64_sys_finit_module+0x238/0x33c
 invoke_syscall+0x58/0x10c
 el0_svc_common+0xa8/0xdc
 do_el0_svc+0x1c/0x28
 el0_svc+0x50/0xac
 el0t_64_sync_handler+0x70/0xbc
 el0t_64_sync+0x1a8/0x1ac
AI Analysis
Technical Summary
CVE-2024-43098 is a vulnerability in the Linux kernel's I3C (Improved Inter-Integrated Circuit) subsystem, specifically involving the i3c_master_register() function and the locking used within the i3cbus structure. It arises from a potential deadlock caused by recursive locking of the same lock (&i3cbus->lock). The issue occurs because i3c_master_register() attempts to acquire the i3cbus lock twice without proper nesting or reentrancy handling, leading to a deadlock in which the kernel task (init/1) is blocked indefinitely waiting for a lock it already holds. The root cause is the use of i3c_device_get_info(), which internally acquires the lock again, instead of directly accessing i3cdev->desc->info, which avoids the second lock acquisition. This deadlock can halt the initialization process or device registration, impacting system stability and availability. The vulnerability was identified through kernel debugging logs showing recursive locking attempts and deadlock warnings. The fix modifies the code to use the direct info pointer instead of the function call that causes the double lock acquisition. This vulnerability affects Linux kernel versions containing the specified commit hashes and is relevant to systems using the I3C bus driver, which is common in embedded and mobile devices, as well as some server and desktop environments that use I3C for device communication. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the impact of CVE-2024-43098 primarily concerns system availability and stability. Systems running vulnerable Linux kernel versions with I3C bus support may experience deadlocks during device initialization or registration, potentially causing system hangs or crashes. This can disrupt critical infrastructure, embedded systems, or servers relying on Linux for operations, especially in sectors like telecommunications, manufacturing, automotive, and IoT deployments prevalent in Europe. The deadlock could lead to denial of service conditions, requiring manual intervention or system reboots, impacting operational continuity. Confidentiality and integrity impacts are minimal as this is a deadlock issue rather than a direct code execution or privilege escalation vulnerability. However, the availability impact can be significant in environments where uptime and reliability are critical. The lack of known exploits reduces immediate risk, but the vulnerability should be addressed proactively to prevent potential exploitation or accidental system failures.
Mitigation Recommendations
To mitigate CVE-2024-43098, European organizations should:
1) Apply the latest Linux kernel patches that address this deadlock by modifying the i3c_master_register() function to avoid recursive locking.
2) Review and update kernel versions on all systems using I3C bus drivers, especially embedded devices, industrial controllers, and servers with I3C hardware.
3) Implement kernel update policies that prioritize critical infrastructure and embedded systems to minimize downtime risks.
4) Monitor system logs for deadlock warnings or kernel lockup symptoms related to i3cbus locking to detect potential issues early.
5) For systems where immediate patching is not feasible, consider disabling or limiting I3C bus usage if possible, or isolating affected devices to reduce impact.
6) Conduct thorough testing of kernel updates in staging environments to ensure stability before deployment in production.
7) Maintain an inventory of devices and systems using the I3C bus to prioritize patching and risk management efforts.
These steps go beyond generic advice by focusing on the specific subsystem and locking mechanism involved in this vulnerability.
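One way to implement the log monitoring in step 4, as an added example that is not part of the advisory or the kernel project: a shell function that scans kernel log text for a lockdep recursive-locking report on &i3cbus->lock reached through i3c_device_get_info(). The function name is hypothetical and the sample log is constructed from the report quoted in the description; lockdep reports of this kind are only emitted by kernels built with lock debugging (CONFIG_PROVE_LOCKING).

```shell
#!/bin/sh
# Added example (not from the advisory): find the lockdep report quoted in the
# description in kernel log text. find_i3c_recursive_lock is a hypothetical name.

# Constructed sample: the advisory's report, trimmed to the lines that matter.
SAMPLE_LOG='WARNING: possible recursive locking detected
6.11.0-mainline
init/1 is trying to acquire lock:
f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_bus_normaluse_lock
but task is already holding lock:
f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register
Call trace:
 down_read+0x50/0x19c
 i3c_bus_normaluse_lock+0x14/0x24
 i3c_device_get_info+0x24/0x58
 i3c_device_uevent+0x34/0xa4
 i3c_master_register+0x6a0/0x6d4'

# Reads kernel log text on stdin. Prints one line per matching report and
# returns 0 if any was found, 1 otherwise.
find_i3c_recursive_lock() {
    awk '
    /possible recursive locking detected/ { rep = 1; want = acq = held = ""; next }
    !rep { next }
    /is trying to acquire lock:/ { want = "acq"; next }
    /already holding lock:/      { want = "held"; next }
    want != "" {
        # The line after each header names the lock class and the taking function.
        # A report about any other lock class is ignored.
        if (index($0, "(&i3cbus->lock)") == 0) { rep = 0; want = ""; next }
        if (want == "acq") { acq = $NF } else { held = $NF }
        want = ""; next
    }
    # Confirm the second acquisition came through i3c_device_get_info().
    acq != "" && held != "" && index($0, "i3c_device_get_info+") {
        printf "i3cbus->lock recursion: held by %s, re-acquired by %s via i3c_device_get_info\n", held, acq
        found = 1; rep = 0
    }
    END { exit !found }
    '
}

printf '%s\n' "$SAMPLE_LOG" | find_i3c_recursive_lock
```

On a live system, pipe `dmesg` or `journalctl -k` output into the function instead of the sample.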
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-01-09T09:51:32.424Z
- CISA Enriched: false
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9828c4522896dcbe1f46
Added to database: 5/21/2025, 9:08:56 AM
Last enriched: 6/29/2025, 7:11:40 AM
Last updated: 8/7/2025, 11:33:21 AM