{"uuid": "791ed534-345a-4940-85d1-e92e78b70fb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-42085", "type": "seen", "source": "https://t.me/cvedetector/1892", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42085 - Linux Kernel USB DWC3 Lock Deadlock Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42085 \nPublished : July 29, 2024, 5:15 p.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nusb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock  \n  \nWhen config CONFIG_USB_DWC3_DUAL_ROLE is selected, and trigger system  \nto enter suspend status with below command:  \necho mem > /sys/power/state  \nThere will be a deadlock issue occurring. Detailed invoking path as  \nbelow:  \ndwc3_suspend_common()  \n    spin_lock_irqsave(&dwc->lock, flags);              lock, flags);      gadget_driver is NULL or not. It causes the  \nfollowing code is executed and deadlock occurs when trying to get the  \nspinlock. In fact, the root cause is the commit 5265397f9442(\"usb: dwc3:  \nRemove DWC3 locking during gadget suspend/resume\") that forgot to remove  \nthe lock of otg mode. So, remove the redundant lock of otg mode during  \ngadget suspend/resume. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T19:38:54.000000Z"}