Description: double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid
References:
Notes:
 carnil> The issue (as the CVE is bound the drivers/usb/dwc3/gadget.c)
 carnil> might be considered as fixed already solely by c91815b59624
 carnil> ("usb: dwc3: gadget: never call ->complete() from ->ep_queue()").
 carnil> There is a related commit 072684e8c58d ("USB: gadget: f_hid:
 carnil> fix deadlock in f_hidg_write()") only present in 5.1-rc3 and
 carnil> potential backports. The assignment seems though specific to
 carnil> c91815b59624.
 benh> Introduced in 4.10 by commit 15b8d9332b92 "usb: dwc3: gadget:
 benh> giveback request if we can't kick it"
Bugs:
upstream: released (4.17-rc1) [c91815b596245fd7da349ecc43c8def670d2269e]
4.19-upstream-stable: N/A "Fixed before branching point"
4.9-upstream-stable: N/A "Vulnerability introduced later"
3.16-upstream-stable: N/A "Vulnerability introduced later"
sid: released (4.16.5-1)
4.19-buster-security: N/A "Fixed before branching point"
4.9-stretch-security: N/A "Vulnerability introduced later"
3.16-jessie-security: N/A "Vulnerability introduced later"