CVE-2026-45849
Published: May 27, 2026
Modified: May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj() ocelot_port_xmit_inj() calls ocelot_can_inject() and ocelot_port_inject_frame() without holding the injection group lock. Both functions contain lockdep_assert_held() for the injection lock, and the correct caller felix_port_deferred_xmit() properly acquires the lock using ocelot_lock_inj_grp() before calling these functions. Add ocelot_lock_inj_grp()/ocelot_unlock_inj_grp() around the register injection path to fix the missing lock protection. The FDMA path is not affected as it uses its own locking mechanism.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 960ec92774e152b677ccd0006abcab7b9dd814c2 - < 0b217a40156f497e09dd20d3f7baec40c785f386affected e83b49ecb569c9c5fa7cc30e55cf2c15f71f9f39 - < cc1b179f778f98270bdbbb48d183b4b6427ae198affected c5e12ac3beb0dd3a718296b2d8af5528e9ab728e - < 7ac58d8832802ec89baa7539e13e6d58a88cce04affected c5e12ac3beb0dd3a718296b2d8af5528e9ab728e - < 51c32ae7fae14552d79f7139614b77c1bbd57a48affected c5e12ac3beb0dd3a718296b2d8af5528e9ab728e - < 63da961381e0d979459dede713001f8452364477+5 more versions |
Linux | Linux | affected 6.11unaffected 0 - < 6.11unaffected 6.1.165 - <= 6.1.*unaffected 6.6.128 - <= 6.6.*unaffected 6.12.75 - <= 6.12.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now