CVE-2024-46791: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open

The mcp251x_hw_wake() function is called with the mcp_lock mutex held and disables the interrupt handler so that no interrupts can be processed while waking the device. If an interrupt has already occurred then waiting for the interrupt handler to complete will deadlock because it will be trying to acquire the same mutex.

    CPU0                           CPU1
    ----                           ----
    mcp251x_open()
     mutex_lock(&priv->mcp_lock)
      request_threaded_irq()
                                   <interrupt>
                                   mcp251x_can_ist()
                                    mutex_lock(&priv->mcp_lock)
      mcp251x_hw_wake()
       disable_irq() <-- deadlock

Use disable_irq_nosync() instead because the interrupt handler does everything while holding the mutex so it doesn't matter if it's still running.
AI Analysis
Technical Summary
CVE-2024-46791 is a concurrency bug in the Linux kernel's CAN (Controller Area Network) driver for MCP251x devices, in the mcp251x_open() path. mcp251x_hw_wake() is called with the mcp_lock mutex held and disables the interrupt using disable_irq(). If an interrupt has already occurred, the interrupt handler (mcp251x_can_ist()) may be running on another CPU and trying to acquire the same mutex. disable_irq() waits for the handler to finish, but the handler is blocked on the mutex held by the path that called mcp251x_hw_wake(), so neither side can make progress. The fix uses disable_irq_nosync(), which disables the interrupt without waiting for the handler to complete; this is safe because the handler does all of its work while holding the mutex.

This vulnerability affects Linux kernel versions containing the specified commit hashes and pertains to the CAN driver for MCP251x devices, which are commonly used in embedded systems and automotive applications. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
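The lock ordering described above can be reproduced in userspace with pthreads. This is an added example, not kernel code and not code from the original page: model_ist(), wait_for_handler() and model_open() are hypothetical stand-ins for mcp251x_can_ist(), the synchronous wait inside disable_irq(), and mcp251x_open(), and the wait is bounded at 200 ms so the deadlock is reported instead of hanging the process.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

static pthread_mutex_t mcp_lock = PTHREAD_MUTEX_INITIALIZER; /* models priv->mcp_lock */
static atomic_bool handler_running;      /* the threaded handler is in flight */

/* Models mcp251x_can_ist(): does all of its work under mcp_lock. */
static void *model_ist(void *arg)
{
    (void)arg;
    pthread_mutex_lock(&mcp_lock);
    pthread_mutex_unlock(&mcp_lock);
    atomic_store(&handler_running, false);
    return NULL;
}

/* Models the synchronous wait in disable_irq(); bounded (assumption) to report the hang. */
static bool wait_for_handler(int timeout_ms)
{
    struct timespec tick = { 0, 1000000 };  /* 1 ms */
    while (atomic_load(&handler_running) && timeout_ms-- > 0)
        nanosleep(&tick, NULL);
    return !atomic_load(&handler_running);
}

/* Models mcp251x_open(): true if the wake step completed, false if it would deadlock. */
bool model_open(bool nosync)
{
    pthread_t ist;
    bool ok = true;
    pthread_mutex_lock(&mcp_lock);
    atomic_store(&handler_running, true);         /* an interrupt has already occurred */
    pthread_create(&ist, NULL, model_ist, NULL);  /* request_threaded_irq() */
    if (!nosync)                                  /* disable_irq(): wait under the lock */
        ok = wait_for_handler(200);
    pthread_mutex_unlock(&mcp_lock);              /* nosync path reaches here at once */
    pthread_join(ist, NULL);
    return ok;
}

int main(void)
{
    printf("disable_irq():        %s\n", model_open(false) ? "ok" : "deadlock");
    printf("disable_irq_nosync(): %s\n", model_open(true) ? "ok" : "deadlock");
}
```

In the synchronous case the handler can never clear handler_running because it needs the mutex the waiter holds, so the wait always expires; the nosync case skips the wait and the handler runs as soon as the mutex is released.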
Potential Impact
For European organizations, this vulnerability could lead to system hangs or denial of service (DoS) conditions on devices running vulnerable Linux kernels with MCP251x CAN drivers. This is particularly relevant for industries relying on embedded Linux systems with CAN interfaces, such as automotive manufacturers, industrial automation, and critical infrastructure sectors. A deadlock in the kernel can cause affected devices to become unresponsive, potentially disrupting operations or safety-critical functions. While this vulnerability does not directly allow privilege escalation or data leakage, the availability impact could be significant in environments where continuous operation is critical. The lack of known exploits reduces immediate risk, but the potential for DoS in embedded or industrial control systems makes timely patching important.
Mitigation Recommendations
Organizations should promptly update their Linux kernel to versions where this vulnerability is patched, specifically applying the fix that replaces disable_irq() with disable_irq_nosync() in the mcp251x driver. For embedded systems or custom Linux builds, vendors and integrators must ensure kernel updates are tested and deployed. Additionally, organizations should audit their use of MCP251x CAN devices and assess the exposure of such devices to critical operations. Where patching is delayed, monitoring for system hangs or unusual behavior in CAN-related subsystems can help detect potential deadlock occurrences. Implementing robust kernel update procedures and maintaining close coordination with hardware vendors for timely firmware and driver updates are also recommended.
Affected Countries
Germany, France, Italy, Spain, United Kingdom, Netherlands, Sweden, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-09-11T15:12:18.279Z
- CISA Enriched: true
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9827c4522896dcbe12fa
Added to database: 5/21/2025, 9:08:55 AM
Last enriched: 6/29/2025, 1:55:09 AM
Last updated: 7/31/2025, 3:48:19 AM