CVE-2022-49954 Information

Jun 19, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag

syzbot is reporting hung task at __input_unregister_device() [1] for iforce_close() waiting at wait_event_interruptible() with dev->mutex held is blocking input_disconnect_device() from __input_unregister_device().

It seems that the cause is simply that commit c2b27ef672992a20 (\Input: iforce - wait for command completion when closing the device) forgot to call wake_up() after clear_bit().

Fix this problem by introducing a helper that calls clear_bit() followed by wake_up_all().

Reference

https://git.kernel.org/stable/c/98e01215708b6d416345465c09dce2bd4868c67a https://git.kernel.org/stable/c/b271090eea3899399e2adcf79c9c95367d472b03 https://git.kernel.org/stable/c/b533b9d3a0d1327cbb31c201dc8dbbf98c8bfe3c https://git.kernel.org/stable/c/d186c65599bff0222da37b9215784ddfe39f9e1b https://git.kernel.org/stable/c/df1b53bc799d58f79701c465505a206c72ad4ab8

CNNVD-202506-2239 (Published: 2025-06-18)

Share on: