In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it Wakeup for IRQ1 should be disabled only in cases where i8042 had actually enabled it, otherwise "wake_depth" for this IRQ will try to drop below zero and there will be an unpleasant WARN() logged: kernel: atkbd serio0: Disabling IRQ1 wakeup source to avoid platform firmware bug kernel: ------------[ cut here ]------------ kernel: Unbalanced IRQ 1 wake disable kernel: WARNING: CPU: 10 PID: 6431 at kernel/irq/manage.c:920 irq_set_irq_wake+0x147/0x1a0 The PMC driver uses DEFINE_SIMPLE_DEV_PM_OPS() to define its dev_pm_ops which sets amd_pmc_suspend_handler() to the .suspend, .freeze, and .poweroff handlers. i8042_pm_suspend(), however, is only set as the .suspend handler. Fix the issue by call PMC suspend handler only from the same set of dev_pm_ops handlers as i8042_pm_suspend(), which currently means just the .suspend handler. To reproduce this issue try hibernating (S4) the machine after a fresh boot without putting it into s2idle first. [ij: edited the commit message.]
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: platform/x86/amd/pmc: Solo deshabilitar la activación de IRQ1 donde i8042 realmente la habilitó La activación para IRQ1 debe deshabilitarse solo en los casos en que i8042 realmente la haya habilitado, de lo contrario, "wake_depth" para esta IRQ intentará caer por debajo de cero y se registrará un WARN() desagradable: kernel: atkbd serio0: Deshabilitar la fuente de activación de IRQ1 para evitar un error de firmware de la plataforma kernel: ------------[ cortar aquí ]------------ kernel: Deshabilitar activación de IRQ 1 no balanceada kernel: ADVERTENCIA: CPU: 10 PID: 6431 en kernel/irq/manage.c:920 irq_set_irq_wake+0x147/0x1a0 El controlador PMC usa DEFINE_SIMPLE_DEV_PM_OPS() para definir su dev_pm_ops que establece amd_pmc_suspend_handler() en .suspend, .freeze y .poweroff. Sin embargo, i8042_pm_suspend() solo se configura como el controlador .suspend. Solucione el problema llamando al controlador de suspensión PMC solo desde el mismo conjunto de controladores dev_pm_ops que i8042_pm_suspend(), lo que actualmente significa solo el controlador .suspend. Para reproducir este problema, intente hibernar (S4) la máquina después de un arranque nuevo sin ponerla primero en s2idle. [ij: edité el mensaje de confirmación].
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
NVD-CWE-noinfo
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bde4f3480> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdd9a2a00> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcbbf79c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702ba6c51f80> | Operating System |
| linux | linux_kernel | 6.2 | <built-in method update of dict object at 0x702bcbbf5900> | Operating System |
| linux | linux_kernel | 6.2 | <built-in method update of dict object at 0x702bcbbf44c0> | Operating System |
| linux | linux_kernel | 6.2 | <built-in method update of dict object at 0x702bdd9a2480> | Operating System |
| linux | linux_kernel | 6.2 | <built-in method update of dict object at 0x702ba6c51a80> | Operating System |
| linux | linux_kernel | 6.13 | <built-in method update of dict object at 0x702bcbbf40c0> | Operating System |
| linux | linux_kernel | 6.13 | <built-in method update of dict object at 0x702bcbbf43c0> | Operating System |
| linux | linux_kernel | 6.13 | <built-in method update of dict object at 0x702bdd9a2340> | Operating System |
| linux | linux_kernel | 6.13 | <built-in method update of dict object at 0x702bdd9a2000> | Operating System |
| linux | linux_kernel | 6.13 | <built-in method update of dict object at 0x702bde4f2040> | Operating System |
| linux | linux_kernel | 6.13 | <built-in method update of dict object at 0x702ba6c514c0> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.2:-:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:* |