CVE-2024-27002

2024-05-0106:15:18

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

vulnerability

deadlock

mediatek

clock controllers

runtime pm

probe

deadlock

mt8183

mt8192

chromebooks

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

JSON

In the Linux kernel, the following vulnerability has been resolved:

clk: mediatek: Do a runtime PM get on controllers during probe

mt8183-mfgcfg has a mutual dependency with genpd during the probing
stage, which leads to a deadlock in the following call stack:

CPU0: genpd_lock –> clk_prepare_lock
genpd_power_off_work_fn()
genpd_lock()
generic_pm_domain::power_off()
clk_unprepare()
clk_prepare_lock()

CPU1: clk_prepare_lock –> genpd_lock
clk_register()
__clk_core_init()
clk_prepare_lock()
clk_pm_runtime_get()
genpd_lock()

Do a runtime PM get at the probe function to make sure clk_register()
won’t acquire the genpd lock. Instead of only modifying mt8183-mfgcfg,
do this on all mediatek clock controller probings because we don’t
believe this would cause any regression.

Verified on MT8183 and MT8192 Chromebooks.