CVE-2026-53103

Published: June 26, 2026Last modified: June 26, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix potential deadlock in mt7925_roc_abort_sync roc_abort_sync() can deadlock with roc_work(). roc_work() holds dev->mt76.mutex, while cancel_work_sync() waits for roc_work() to finish. If the caller already owns the same mutex, both sides block and no progress is possible. This deadlock can occur during station removal when mt76_sta_state() -> mt76_sta_remove() -> mt7925_mac_sta_remove_link() -> mt7925_mac_link_sta_remove() -> mt7925_roc_abort_sync() invokes cancel_work_sync() while roc_work() is still running and holding dev->mt76.mutex. This avoids the mutex deadlock and preserves exactly-once work ownership.

Status

Product	Release	Package	Status
Alpaquita Linux	23 LTS	linux-lts	Not affected (6.1.33-r0)
	25 LTS	linux-lts	Vulnerable (6.12.92-r0)
	Stream	linux-lts	Fixed (6.18.35-r1)

References

https://git.kernel.org/stable/c/153bcba36c87a1ba555b57b6c49028d5812f895b
https://git.kernel.org/stable/c/2d8e0053bca29143ace51e08c980ff076844a4b0
https://git.kernel.org/stable/c/dd08ca3f092f4185ece69ce2a835c23198b1628a