ISHACK AI BOT

VMware Photon OS: CVE-2024-37372 Severity 3 CVSS (AV:L/AC:H/Au:N/C:P/I:P/A:N) Published 01/09/2025 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-37372 CVE - 2024-37372

SUSE: CVE-2025-22149: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/09/2025 Created 02/04/2025 Added 02/03/2025 Modified 02/03/2025 Description JWK Set (JSON Web Key Set) is a JWK and JWK Set Go implementation. Prior to 0.6.0, the project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key removal from a JWK Set is equivalent to revocation. The affected auto-caching HTTP client was added in version v0.5.0 and fixed in v0.6.0. The only workaround would be to remove the provided auto-caching HTTP client and replace it with a custom implementation. This involves setting the HTTPClientStorageOptions.RefreshInterval to zero (or not specifying the value). Solution(s) suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2025-22149 CVE - 2025-22149

SUSE: CVE-2025-22449: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/09/2025 Created 02/04/2025 Added 02/03/2025 Modified 02/03/2025 Description Mattermost versions 9.11.x <= 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite users to their team, to invite users by updating the "allow_open_invite" field via making their team public. Solution(s) suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2025-22449 CVE - 2025-22449

SUSE: CVE-2025-20033: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/09/2025 Created 02/04/2025 Added 02/03/2025 Modified 02/03/2025 Description Mattermost versions 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post types, which allows attackers to deny service to users with the sysconsole_read_plugins permission via creating a post with the custom_pl_notification type and specific props. Solution(s) suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2025-20033 CVE - 2025-20033

Ubuntu: USN-7223-1 (CVE-2024-56827): OpenJPEG vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:S/C:P/I:N/A:C) Published 01/09/2025 Created 01/25/2025 Added 01/24/2025 Modified 01/28/2025 Description A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility.This can lead to an application crash or other undefined behavior. Solution(s) ubuntu-pro-upgrade-libopenjp2-7 ubuntu-pro-upgrade-libopenjp2-tools ubuntu-pro-upgrade-libopenjp3d-tools ubuntu-pro-upgrade-libopenjp3d7 References https://attackerkb.com/topics/cve-2024-56827 CVE - 2024-56827 USN-7223-1

SUSE: CVE-2025-22445: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/09/2025 Created 02/04/2025 Added 02/03/2025 Modified 02/03/2025 Description Mattermost versions 10.x <= 10.2 fail to accurately reflect missing settings, which allows confusion for admins regarding a Calls security-sensitive configuration via incorrect UI reporting. Solution(s) suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2025-22445 CVE - 2025-22445

FreeBSD: VID-24C93A28-D95B-11EF-B6B2-2CF05DA270F3 (CVE-2024-6324): Gitlab -- Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/09/2025 Created 01/28/2025 Added 01/24/2025 Modified 01/24/2025 Description An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-6324

Juniper Junos OS: 2025-01 Security Bulletin: Junos OS: SRX1500,SRX4100,SRX4200: Execution of low-privileged CLI command results in chassisd crash (JSA92864) (CVE-2025-21596) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/08/2025 Created 01/10/2025 Added 01/09/2025 Modified 01/30/2025 Description An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged authenticated attacker executing the 'show chassis environment pem' command to cause the chassis daemon (chassisd) to crash and restart, resulting in a temporary Denial of Service (DoS). However, repeated execution of this command will eventually cause the chassisd process to fail to restart, impacting packet processing on the system. This issue affects Junos OS on SRX1500, SRX4100, SRX4200: *All versions before 21.4R3-S9, *from 22.2 before 22.2R3-S5, *from 22.3 before 22.3R3-S4, *from 22.4 before 22.4R3-S4, *from 23.2 before 23.2R2-S3, *from 23.4 before 23.4R2-S1. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2025-21596 CVE - 2025-21596 JSA92864

Debian: CVE-2024-56826: openjpeg2 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/09/2025 Created 01/31/2025 Added 01/30/2025 Modified 01/30/2025 Description A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility.This can lead to an application crash or other undefined behavior. Solution(s) debian-upgrade-openjpeg2 References https://attackerkb.com/topics/cve-2024-56826 CVE - 2024-56826 DSA-5851-1

Microsoft Edge Chromium: CVE-2025-0291 Type Confusion in V8 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/08/2025 Created 01/16/2025 Added 01/15/2025 Modified 02/14/2025 Description Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2025-0291 CVE - 2025-0291 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-0291

Google Chrome Vulnerability: CVE-2025-0291 Type Confusion in V8 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/08/2025 Created 01/09/2025 Added 01/08/2025 Modified 02/14/2025 Description Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2025-0291 CVE - 2025-0291 https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop.html

Juniper Junos OS: 2025-01 Security Bulletin: Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash (JSA92870) (multiple CVEs) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/08/2025 Created 01/10/2025 Added 01/09/2025 Modified 01/13/2025 Description An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems configured in either of two ways: *systems with BGP traceoptions enabled *systems with BGP traffic engineering configured This issue can affect iBGP and eBGP with any address family configured. The specific attribute involved is non-transitive, and will not propagate across a network. This issue affects: Junos OS: *All versions before 21.4R3-S8, *22.2 before 22.2R3-S5, *22.3 before 22.3R3-S4, *22.4 before 22.4R3-S3, *23.2 before 23.2R2-S2, *23.4 before 23.4R2; Junos OS Evolved: *All versions before 21.4R3-S8-EVO, *22.2-EVO before 22.2R3-S5-EVO, *22.3-EVO before 22.3R3-S4-EVO, *22.4-EVO before 22.4R3-S3-EVO, *23.2-EVO before 23.2R2-S2-EVO, *23.4-EVO before 23.4R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39516 CVE - 2024-39516 CVE - 2025-21600 JSA92870

VMware Photon OS: CVE-2024-56779 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/08/2025 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequently, if an action attempts to open a file, it can potentially send two rpc_task to nfs server. NFS CLIENT thread1 thread2 open("file") ... nfs4_do_open _nfs4_do_open _nfs4_open_and_get_state _nfs4_proc_open nfs4_run_open_task /* rpc_task1 */ rpc_run_task rpc_wait_for_completion_task umount -f nfs_umount_begin rpc_killall_tasks rpc_signal_task rpc_task1 been wakeup and return -512 _nfs4_do_open // while loop ... nfs4_run_open_task /* rpc_task2 */ rpc_run_task rpc_wait_for_completion_task While processing an open request, nfsd will first attempt to find or allocate an nfs4_openowner. If it finds an nfs4_openowner that is not marked as NFS4_OO_CONFIRMED, this nfs4_openowner will released. Since two rpc_task can attempt to open the same file simultaneously from the client to server, and because two instances of nfsd can run concurrently, this situation can lead to lots of memory leak. Additionally, when we echo 0 to /proc/fs/nfsd/threads, warning will be triggered. NFS SERVER nfsd1nfsd2 echo 0 > /proc/fs/nfsd/threads nfsd4_open nfsd4_process_open1 find_or_alloc_open_stateowner // alloc oo1, stateid1 nfsd4_open nfsd4_process_open1 find_or_alloc_open_stateowner // find oo1, without NFS4_OO_CONFIRMED release_openowner unhash_openowner_locked list_del_init(&oo->oo_perclient) // cannot find this oo // from client, LEAK!!! alloc_stateowner // alloc oo2 nfsd4_process_open2 init_open_stateid // associate oo1 // with stateid1, stateid1 LEAK!!! nfs4_get_vfs_file // alloc nfsd_file1 and nfsd_file_mark1 // all LEAK!!! nfsd4_process_open2 ... write_threads ... nfsd_destroy_serv nfsd_shutdown_net nfs4_state_shutdown_net nfs4_state_destroy_net destroy_client __destroy_client // won't find oo1!!! nfsd_shutdown_generic nfsd_file_cache_shutdown kmem_cache_destroy for nfsd_file_slab and nfsd_file_mark_slab // bark since nfsd_file1 // and nfsd_file_mark1 // still alive ======================================================================= BUG nfsd_file (Not tainted): Objects remaining in nfsd_file on __kmem_cache_shutdown() ----------------------------------------------------------------------- Slab 0xffd4000004438a80 objects=34 used=1 fp=0xff11000110e2ad28 flags=0x17ffffc0000240(workingset|head|node=0|zone=2|lastcpupid=0x1fffff) CPU: 4 UID: 0 PID: 757 Comm: sh Not tainted 6.12.0-rc6+ #19 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014 Call Trace: <TASK> dum ---truncated--- Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-56779 CVE - 2024-56779

Juniper Junos OS: 2025-01 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of specially crafted BGP update packet causes RPD crash (JSA92872) (CVE-2025-21602) Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 01/08/2025 Created 01/10/2025 Added 01/09/2025 Modified 01/28/2025 Description An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a specific BGP update packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continuous receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability. This issue affects Junos OS: *from 21.4 before 21.4R3-S9, *from 22.2 before 22.2R3-S5, *from 22.3 before 22.3R3-S4, *from 22.4 before 22.4R3-S5, *from 23.2 before 23.2R2-S3, *from 23.4 before 23.4R2-S3, *from 24.2 before 24.2R1-S2, 24.2R2; This issue does not affect versions prior to 21.1R1. Junos OS Evolved: *from 21.4 before 21.4R3-S9-EVO, *from 22.2 before 22.2R3-S5-EVO, *from 22.3 before 22.3R3-S4-EVO, *from 22.4 before 22.4R3-S5-EVO, *from 23.2 before 23.2R2-S3-EVO, *from 23.4 before 23.4R2-S3-EVO, *from 24.2 before 24.2R1-S2-EVO, 24.2R2-EVO. This issue does not affect versions prior to 21.1R1-EVO Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2025-21602 CVE - 2025-21602 JSA92872

VMware Photon OS: CVE-2024-56780 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/08/2025 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Since we currently don't always flush the quota_release_work queue in this path, we can end up with the following race: 1. dquot are added to releasing_dquots list during regular operations. 2. FS Freeze starts, however, this does not flush the quota_release_work queue. 3. Freeze completes. 4. Kernel eventually tries to flush the workqueue while FS is frozen which hits a WARN_ON since transaction gets started during frozen state: ext4_journal_check_start+0x28/0x110 [ext4] (unreliable) __ext4_journal_start_sb+0x64/0x1c0 [ext4] ext4_release_dquot+0x90/0x1d0 [ext4] quota_release_workfn+0x43c/0x4d0 Which is the following line: WARN_ON(sb->s_writers.frozen == SB_FREEZE_COMPLETE); Which ultimately results in generic/390 failing due to dmesg noise. This was detected on powerpc machine 15 cores. To avoid this, make sure to flush the workqueue during dquot_writeback_dquots() so we dont have any pending workitems after freeze. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-56780 CVE - 2024-56780

Debian: CVE-2024-56776: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/08/2025 Created 01/14/2025 Added 01/13/2025 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-56776 CVE - 2024-56776

VMware Photon OS: CVE-2024-49571 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/11/2025 Created 01/30/2025 Added 01/29/2025 Modified 01/29/2025 Description In the Linux kernel, the following vulnerability has been resolved: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg When receiving proposal msg in server, the field iparea_offset and the field ipv6_prefixes_cnt in proposal msg are from the remote client and can not be fully trusted. Especially the field iparea_offset, once exceed the max value, there has the chance to access wrong address, and crash may happen. This patch checks iparea_offset and ipv6_prefixes_cnt before using them. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-49571 CVE - 2024-49571

Debian: CVE-2024-57798: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/11/2025 Created 01/14/2025 Added 01/13/2025 Modified 02/06/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-57798 CVE - 2024-57798

SimpleHelp Path Traversal Vulnerability CVE-2024-57727 Disclosed 01/12/2025 Created 02/25/2025 Description There exists a path traversal vulnerability in the /toolbox-resource endpoint that enables unauthenticated remote attackers to download arbitrary files from the SimpleHelp server via crafted HTTP requests Author(s) horizon3ai imjdl jheysel-r7 Development Source Code History

Debian: CVE-2024-52332: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/11/2025 Created 01/14/2025 Added 01/13/2025 Modified 01/13/2025 Description In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-52332 CVE - 2024-52332

Debian: CVE-2024-47408: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/11/2025 Created 01/14/2025 Added 01/13/2025 Modified 01/13/2025 Description In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcd_v2_ext_offset when receiving proposal msg When receiving proposal msg in server, the field smcd_v2_ext_offset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcd_v2_ext_offset exceed the max value, there has the chance to access wrong address, and crash may happen. This patch checks the value of smcd_v2_ext_offset before using it. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-47408 CVE - 2024-47408

VMware Photon OS: CVE-2024-52332 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/11/2025 Created 01/30/2025 Added 01/29/2025 Modified 01/29/2025 Description In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-52332 CVE - 2024-52332

Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 01/08/2025 Created 01/09/2025 Added 01/08/2025 Modified 01/08/2025 Description A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges. Solution(s) pulse-secure-pulse-connect-secure-upgrade-22_7r2_5 References https://attackerkb.com/topics/cve-2025-0283 CVE - 2025-0283 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US https://www.rapid7.com/blog/post/2025/01/08/etr-cve-2025-0282-ivanti-connect-secure-zero-day-exploited-in-the-wild/

Debian: CVE-2024-56774: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 01/08/2025 Created 01/14/2025 Added 01/13/2025 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the extent tree is NULL. When scrub tries to search the extent tree to gather the needed extent info, btrfs_search_slot() doesn't check if the target root is NULL or not, resulting the null-ptr-deref. Add sanity check for btrfs root before using it in btrfs_search_slot(). Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-56774 CVE - 2024-56774

Debian: CVE-2024-43098: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/11/2025 Created 01/14/2025 Added 01/13/2025 Modified 02/06/2025 Description In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock A deadlock may happen since the i3c_master_register() acquires &i3cbus->lock twice. See the log below. Use i3cdev->desc->info instead of calling i3c_device_info() to avoid acquiring the lock twice. v2: - Modified the title and commit message ============================================ WARNING: possible recursive locking detected 6.11.0-mainline -------------------------------------------- init/1 is trying to acquire lock: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_bus_normaluse_lock but task is already holding lock: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&i3cbus->lock); lock(&i3cbus->lock); *** DEADLOCK *** May be due to missing lock nesting notation 2 locks held by init/1: #0: fcffff809b6798f8 (&dev->mutex){....}-{3:3}, at: __driver_attach #1: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register stack backtrace: CPU: 6 UID: 0 PID: 1 Comm: init Call trace: dump_backtrace+0xfc/0x17c show_stack+0x18/0x28 dump_stack_lvl+0x40/0xc0 dump_stack+0x18/0x24 print_deadlock_bug+0x388/0x390 __lock_acquire+0x18bc/0x32ec lock_acquire+0x134/0x2b0 down_read+0x50/0x19c i3c_bus_normaluse_lock+0x14/0x24 i3c_device_get_info+0x24/0x58 i3c_device_uevent+0x34/0xa4 dev_uevent+0x310/0x384 kobject_uevent_env+0x244/0x414 kobject_uevent+0x14/0x20 device_add+0x278/0x460 device_register+0x20/0x34 i3c_master_register_new_i3c_devs+0x78/0x154 i3c_master_register+0x6a0/0x6d4 mtk_i3c_master_probe+0x3b8/0x4d8 platform_probe+0xa0/0xe0 really_probe+0x114/0x454 __driver_probe_device+0xa0/0x15c driver_probe_device+0x3c/0x1ac __driver_attach+0xc4/0x1f0 bus_for_each_dev+0x104/0x160 driver_attach+0x24/0x34 bus_add_driver+0x14c/0x294 driver_register+0x68/0x104 __platform_driver_register+0x20/0x30 init_module+0x20/0xfe4 do_one_initcall+0x184/0x464 do_init_module+0x58/0x1ec load_module+0xefc/0x10c8 __arm64_sys_finit_module+0x238/0x33c invoke_syscall+0x58/0x10c el0_svc_common+0xa8/0xdc do_el0_svc+0x1c/0x28 el0_svc+0x50/0xac el0t_64_sync_handler+0x70/0xbc el0t_64_sync+0x1a8/0x1ac Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-43098 CVE - 2024-43098