CVE-2024-50196

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> pinctrl: ocelot: fix system hang on level based interrupts<br /> <br /> The current implementation only calls chained_irq_enter() and<br /> chained_irq_exit() if it detects pending interrupts.<br /> <br /> ```<br /> for (i = 0; i stride; i++) {<br /> uregmap_read(info-&gt;map, id_reg + 4 * i, &amp;reg);<br /> if (!reg)<br /> continue;<br /> <br /> chained_irq_enter(parent_chip, desc);<br /> ```<br /> <br /> However, in case of GPIO pin configured in level mode and the parent<br /> controller configured in edge mode, GPIO interrupt might be lowered by the<br /> hardware. In the result, if the interrupt is short enough, the parent<br /> interrupt is still pending while the GPIO interrupt is cleared;<br /> chained_irq_enter() never gets called and the system hangs trying to<br /> service the parent interrupt.<br /> <br /> Moving chained_irq_enter() and chained_irq_exit() outside the for loop<br /> ensures that they are called even when GPIO interrupt is lowered by the<br /> hardware.<br /> <br /> The similar code with chained_irq_enter() / chained_irq_exit() functions<br /> wrapping interrupt checking loop may be found in many other drivers:<br /> ```<br /> grep -r -A 10 chained_irq_enter drivers/pinctrl<br /> ```