In the Linux kernel, the following vulnerability has been resolved:
PM / devfreq: rk3399_dmc: Disable edev on remove()
Otherwise we hit an unablanced enable-count when unbinding the DFI device:
[ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreqeventremoveedev+0x84/0x8c ... [ 1279.659352] Hardware name: Google Kevin (DT) [ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--) [ 1279.659371] pc : devfreqeventremoveedev+0x84/0x8c [ 1279.659380] lr : devmdevfreqeventrelease+0x1c/0x28 ... [ 1279.659571] Call trace: [ 1279.659582] devfreqeventremoveedev+0x84/0x8c [ 1279.659590] devmdevfreqeventrelease+0x1c/0x28 [ 1279.659602] releasenodes+0x1cc/0x244 [ 1279.659611] devresreleaseall+0x44/0x60 [ 1279.659621] devicereleasedriverinternal+0x11c/0x1ac [ 1279.659629] devicedriverdetach+0x20/0x2c [ 1279.659641] unbindstore+0x7c/0xb0 [ 1279.659650] drvattrstore+0x2c/0x40 [ 1279.659663] sysfskfwrite+0x44/0x58 [ 1279.659672] kernfsfopwriteiter+0xf4/0x190 [ 1279.659684] vfswrite+0x2b0/0x2e4 [ 1279.659693] ksyswrite+0x80/0xec [ 1279.659701] _arm64syswrite+0x24/0x30 [ 1279.659714] el0svccommon+0xf0/0x1d8 [ 1279.659724] doel0svccompat+0x28/0x3c [ 1279.659738] el0svccompat+0x10/0x1c [ 1279.659746] el0synccompathandler+0xa8/0xcc [ 1279.659758] el0synccompat+0x188/0x1c0 [ 1279.659768] ---[ end trace cec200e5094155b4 ]---
{ "vanir_signatures": [ { "digest": { "length": 167.0, "function_hash": "75606674419171789284288422538038276068" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@664736e2cc09e504ce58ec61164d029d1f2651bb", "signature_type": "Function", "target": { "function": "rk3399_dmcfreq_remove", "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-0ba23ed4" }, { "digest": { "length": 167.0, "function_hash": "75606674419171789284288422538038276068" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fb089b6f21de03a685dd31df3789bbb01c59f8e3", "signature_type": "Function", "target": { "function": "rk3399_dmcfreq_remove", "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-1181bd85" }, { "digest": { "length": 167.0, "function_hash": "75606674419171789284288422538038276068" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2fccf9e6050e0e3b8b4cd275d41daf7f7fa22804", "signature_type": "Function", "target": { "function": "rk3399_dmcfreq_remove", "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-187bd196" }, { "digest": { "length": 167.0, "function_hash": "75606674419171789284288422538038276068" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a9c2b23a7ac6ab19214cad8cac8af8608a4d9cef", "signature_type": "Function", "target": { "function": "rk3399_dmcfreq_remove", "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-37302a97" }, { "digest": { "line_hashes": [ "55277034109144350072825729516030824894", "274319722357846015963756316946810548465", "196923301052812136639241533547798493946" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2fccf9e6050e0e3b8b4cd275d41daf7f7fa22804", "signature_type": "Line", "target": { "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-3b426541" }, { "digest": { "line_hashes": [ "55277034109144350072825729516030824894", "274319722357846015963756316946810548465", "196923301052812136639241533547798493946" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a0180e324a9a63de8f770da300477b48cb4a53f1", "signature_type": "Line", "target": { "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-54bc3612" }, { "digest": { "line_hashes": [ "55277034109144350072825729516030824894", "274319722357846015963756316946810548465", "196923301052812136639241533547798493946" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fb089b6f21de03a685dd31df3789bbb01c59f8e3", "signature_type": "Line", "target": { "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-7e3f2f62" }, { "digest": { "line_hashes": [ "55277034109144350072825729516030824894", "274319722357846015963756316946810548465", "196923301052812136639241533547798493946" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cb1be1d4be18fe286ba5a67d928598378fd7fbe5", "signature_type": "Line", "target": { "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-8cbacefd" }, { "digest": { "line_hashes": [ "55277034109144350072825729516030824894", "274319722357846015963756316946810548465", "196923301052812136639241533547798493946" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a9c2b23a7ac6ab19214cad8cac8af8608a4d9cef", "signature_type": "Line", "target": { "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-aa7b5206" }, { "digest": { "length": 167.0, "function_hash": "75606674419171789284288422538038276068" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cb1be1d4be18fe286ba5a67d928598378fd7fbe5", "signature_type": "Function", "target": { "function": "rk3399_dmcfreq_remove", "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-b770c9dd" }, { "digest": { "line_hashes": [ "55277034109144350072825729516030824894", "274319722357846015963756316946810548465", "196923301052812136639241533547798493946" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@86b091b6894c449d2734de7aa7d79ccb33ffd97d", "signature_type": "Line", "target": { "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-b8011bca" }, { "digest": { "length": 167.0, "function_hash": "75606674419171789284288422538038276068" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a0180e324a9a63de8f770da300477b48cb4a53f1", "signature_type": "Function", "target": { "function": "rk3399_dmcfreq_remove", "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-d3332af3" }, { "digest": { "length": 167.0, "function_hash": "75606674419171789284288422538038276068" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@86b091b6894c449d2734de7aa7d79ccb33ffd97d", "signature_type": "Function", "target": { "function": "rk3399_dmcfreq_remove", "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-eee4bba5" }, { "digest": { "line_hashes": [ "55277034109144350072825729516030824894", "274319722357846015963756316946810548465", "196923301052812136639241533547798493946" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@664736e2cc09e504ce58ec61164d029d1f2651bb", "signature_type": "Line", "target": { "file": "drivers/devfreq/rk3399_dmc.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2022-49460-efb15fde" } ] }