Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval Getting / Setting the frame interval using the V4L2 subdev pad ops get_frame_interval/set_frame_interval causes a deadlock, as the subdev state is locked in the [1] but also in the driver itself. In [2] it's described that the caller is responsible to acquire and release the lock in this case. Therefore, acquiring the lock in the driver is wrong. Remove the lock acquisitions/releases from mt9m114_ifp_get_frame_interval() and mt9m114_ifp_set_frame_interval(). [1] drivers/media/v4l2-core/v4l2-subdev.c - line 1129 [2] Documentation/driver-api/media/v4l2-subdev.rst
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.7, < 6.12.44 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/0d23b548d71e5d76955fdf1d73addd8f6494f602Patch
- https://git.kernel.org/stable/c/298d1471cf83d5a2a05970e41822a2403f451086Patch
- https://git.kernel.org/stable/c/41b97490a1656bdc7038d6345a84b08d45deafc6Patch
FAQ
What is CVE-2025-39712?
CVE-2025-39712 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval Getting / Setting the frame interval using the V4L2 subdev p...
How severe is CVE-2025-39712?
CVE-2025-39712 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-39712?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.