CVE-2024-46868 Information

Description

In the Linux kernel the following vulnerability has been resolved:

firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire()

If the __qcuefi pointer is not set then in the original code we would hold onto the lock. That means that if we tried to set it later then it would cause a deadlock. Drop the lock on the error path. That’s what all the callers are expecting.

Reference

https://git.kernel.org/stable/c/8c6a5a1fc02ad1d62d06897ab330693d4d27cd03 https://git.kernel.org/stable/c/db213b0cfe3268d8b1d382b3bcc999c687a2567f