Linux Kernel Coresight TRBE CPU Hotplug State Management Vulnerability

A vulnerability exists in the Linux kernel's Coresight TRBE driver related to improper management of CPU hotplug state instances. The functions 'cpuhp_state_add_instance()' and 'cpuhp_state_remove_instance()' must be used in pairs to maintain the integrity of the CPU hotplug state management. Failure to do so can result in warnings when removing hotplug states, as instances may still be active. This issue has been logged as an error when attempting to remove a state that still has instances left, indicating a mismatch in the expected state management process.

Impact

The vulnerability can lead to warnings and potential instability when removing CPU hotplug states, as instances may be left active, causing a mismatch in the expected state management.

Reproduction

To reproduce this vulnerability, load the Coresight TRBE driver and then remove it using the 'rmmod' command. This will trigger a warning about removing a hotplug state that still has instances left, indicating that the state management was not properly synchronized before the driver was unloaded.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version to apply the fix.