Description

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully When running gpio test on nxp-ls1028 platform with below command gpiomon --num-events=3 --rising-edge gpiochip1 25 There will be a warning trace as below: Call trace: free_irq+0x204/0x360 lineevent_free+0x64/0x70 gpio_ioctl+0x598/0x6a0 __arm64_sys_ioctl+0xb4/0x100 invoke_syscall+0x5c/0x130 ...... el0t_64_sync+0x1a0/0x1a4 The reason of this issue is that calling request_threaded_irq() function failed, and then lineevent_free() is invoked to release the resource. Since the lineevent_state::irq was already set, so the subsequent invocation of free_irq() would trigger the above warning call trace. To fix this issue, set the lineevent_state::irq after the IRQ register successfully.

INFO

Published Date :

2024-04-28T13:01:22.239Z

Last Modified :

2025-05-04T08:20:46.019Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-48660 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-48660.

URL Resource
https://git.kernel.org/stable/c/657803b918e097e47d99d1489da83a603c36bcdd cve-icon cve-icon
https://git.kernel.org/stable/c/69bef19d6b9700e96285f4b4e28691cda3dcd0d1 cve-icon cve-icon
https://git.kernel.org/stable/c/97da736cd11ae73bdf2f5e21e24446b8349e0168 cve-icon cve-icon
https://git.kernel.org/stable/c/b1489043d3b9004dd8d5a0357b08b5f0e6691c43 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024042800-CVE-2022-48660-4fb8@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-48660 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-48660 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact