CVE-2026-23357
Published: Mar 25, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251x_open The mcp251x_open() function call free_irq() in its error path with the mpc_lock mutex held. But if an interrupt already occurred the interrupt handler will be waiting for the mpc_lock and free_irq() will deadlock waiting for the handler to finish. This issue is similar to the one fixed in commit 7dd9c26bd6cf ("can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open") but for the error path. To solve this issue move the call to free_irq() after the lock is released. Setting `priv->force_quit = 1` beforehand ensure that the IRQ handler will exit right away once it acquired the lock.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected bf66f3736a945dd4e92d86427276c6eeab0a6c1d - < 739454057572cb0948658d1142f3fa2c6966465caffected bf66f3736a945dd4e92d86427276c6eeab0a6c1d - < 416c18ecddafab0ed09be1e7b9d2f448f3d4db16affected bf66f3736a945dd4e92d86427276c6eeab0a6c1d - < 256f0cff6e946c570392bda1d01a65e789a7afd0affected bf66f3736a945dd4e92d86427276c6eeab0a6c1d - < b73832292cd914e87a55e863ba4413a907e7db6baffected bf66f3736a945dd4e92d86427276c6eeab0a6c1d - < 38063cc435b69d56e76f947c10d336fcb2953508+3 more versions |
Linux | Linux | affected 2.6.34unaffected 0 - < 2.6.34unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.167 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now