In the Linux kernel, the following vulnerability has been...
Moderate severity
Unreviewed
Published
May 27, 2026
to the GitHub Advisory Database
•
Updated Jun 25, 2026
Description
Published by the National Vulnerability Database
May 27, 2026
Published to the GitHub Advisory Database
May 27, 2026
Last updated
Jun 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()
ocelot_port_xmit_inj() calls ocelot_can_inject() and
ocelot_port_inject_frame() without holding the injection group lock.
Both functions contain lockdep_assert_held() for the injection lock,
and the correct caller felix_port_deferred_xmit() properly acquires
the lock using ocelot_lock_inj_grp() before calling these functions.
Add ocelot_lock_inj_grp()/ocelot_unlock_inj_grp() around the register
injection path to fix the missing lock protection. The FDMA path is not
affected as it uses its own locking mechanism.
References