CVE-2025-40194

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request()<br /> <br /> The cpufreq_cpu_put() call in update_qos_request() takes place too early<br /> because the latter subsequently calls freq_qos_update_request() that<br /> indirectly accesses the policy object in question through the QoS request<br /> object passed to it.<br /> <br /> Fortunately, update_qos_request() is called under intel_pstate_driver_lock,<br /> so this issue does not matter for changing the intel_pstate operation<br /> mode, but it theoretically can cause a crash to occur on CPU device hot<br /> removal (which currently can only happen in virt, but it is formally<br /> supported nevertheless).<br /> <br /> Address this issue by modifying update_qos_request() to drop the<br /> reference to the policy later.