In the Linux kernel, the following vulnerability has been resolved:
gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
When running gpio test on nxp-ls1028 platform with below command
gpiomon --num-events=3 --rising-edge gpiochip1 25
There will be a warning trace as below:
Call trace:
free_irq+0x204/0x360
lineevent_free+0x64/0x70
gpio_ioctl+0x598/0x6a0
__arm64_sys_ioctl+0xb4/0x100
invoke_syscall+0x5c/0x130
......
el0t_64_sync+0x1a0/0x1a4
The reason of this issue is that calling request_threaded_irq()
function failed, and then lineevent_free() is invoked to release
the resource. Since the lineevent_state::irq was already set, so
the subsequent invocation of free_irq() would trigger the above
warning call trace. To fix this issue, set the lineevent_state::irq
after the IRQ register successfully.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-04-28T13:01:22.239Z
Updated: 2024-12-19T08:05:14.924Z
Reserved: 2024-02-25T13:44:28.318Z
Link: CVE-2022-48660
Vulnrichment
Updated: 2024-08-03T15:17:55.745Z
NVD
Status : Modified
Published: 2024-04-28T13:15:07.853
Modified: 2024-11-21T07:33:43.200
Link: CVE-2022-48660
Redhat