CVE-2026-53100
UnknownSummary
A vulnerability in the Linux kernel has been fixed that led to a deadlock in the mt76_remain_on_channel() and mt76_roc_complete() functions. The issue was caused by double acquisition of the dev->mutex during the mt76_set_channel() call.
Risk Assessment
The deadlock could lead to system unavailability, impacting service availability within the organization. In the event of this issue, administrators might be forced to manually restart the system.
Recommendation
It is recommended to update the Linux kernel to a version that includes the fix for this vulnerability. Additionally, monitoring systems for deadlock occurrences is advised.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: fix deadlock in remain-on-channel mt76_remain_on_channel() and mt76_roc_complete() call mt76_set_channel() while already holding dev->mutex. Since mt76_set_channel() also acquires dev->mutex, this results in a deadlock. Use __mt76_set_channel() instead of mt76_set_channel(). Add cancel_delayed_work_sync() for mac_work before acquiring the mutex in mt76_remain_on_channel() to prevent a secondary deadlock with the mac_work workqueue.

