Linux Kernel Deadlock Vulnerability in Type-C DisplayPort Functionality
CVE-2025-38404

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38404?

A deadlock issue has been identified in the Linux kernel related to the Type-C DisplayPort functionality. This vulnerability arises from a recursive lock acquisition of the cros_typec_altmode_data::mutex, potentially compromising system stability. The issue occurs when the cros_typec_altmode_work() function acquires the mutex, leading to a deadlock when cros_typec_altmode_exit() attempts to reacquire the same mutex within the callback hierarchy. To mitigate the issue, it is recommended to defer the typec_altmode_exit() operation by scheduling it rather than executing it directly, thereby ensuring smooth and secure operation of Type-C DisplayPort functionalities.

Affected Version(s)

Linux e0359c66c1beccbe90119a63391678eabda38007 < 749d9076735fb497aae60fbea9fff563f9ea3254

Linux e3fb6c2c3939b4aad203cacdd613a62ce1fd032c

Linux 56846793f105cf2b39ecbde4f3ae86342091f6fc < 7be0d1ea71f52595499da39cea484a895e8ed042

References

https://git.kernel.org/stable/c/749d9076735fb497aae60fbea...

https://git.kernel.org/stable/c/eb08fca56f1f39e4038cb9bac...

https://git.kernel.org/stable/c/7be0d1ea71f52595499da39ce...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025