Linux Kernel SafeXcel Driver IRQ Cleanup Failure Vulnerability

Vulnerability

A vulnerability in the Linux kernel's SafeXcel driver can lead to improper cleanup of IRQ workqueues and affinities when the driver fails to load. This issue generates a warning during boot, indicating that the IRQ management has not been correctly handled. The vulnerability is present in the Linux kernel crypto subsystem, specifically within the SafeXcel EIP197 crypto engine driver.

Impact

The vulnerability can cause a denial of service by leaving IRQs improperly managed, which may lead to IRQ-related issues or warnings during system operation.

Reproduction

To reproduce this vulnerability, load the SafeXcel driver on a MikroTik RB5009 device running Linux kernel 6.1.6. If the driver fails to initialize correctly, it will not clean up the associated IRQ workqueues and affinities, leaving the system in a state that generates warnings about the missed cleanup. This can be observed in the system logs, where the 'free_irq' function reports that an IRQ was not released properly, indicating that the driver failed to unload cleanly.
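A log triage check for the symptom described above, as an added example that is not part of the original advisory or of the kernel sources: it pairs a SafeXcel probe failure with a following free_irq warning in kernel log text. The two line formats, the driver name string crypto-safexcel, and all sample log lines are assumptions constructed for illustration.

```python
import re

# Assumed formats: the driver core's "<driver>: probe of <dev> failed with
# error <n>" message and the kernel WARNING banner naming free_irq.
PROBE_FAIL = re.compile(r"crypto-safexcel: probe of (\S+) failed with error (-?\d+)")
FREE_IRQ_WARN = re.compile(r"WARNING: CPU: \d+ PID: \d+ at (\S+) free_irq\+")

def find_irq_cleanup_warnings(lines, window=20):
    """Pair each SafeXcel probe failure with a free_irq WARNING that appears
    within `window` lines after it; warning_line stays None if none does."""
    findings, pending, left = [], None, 0
    for lineno, line in enumerate(lines, 1):
        probe = PROBE_FAIL.search(line)
        if probe:
            pending = {"device": probe.group(1), "error": int(probe.group(2)),
                       "probe_line": lineno, "warning_line": None, "warned_at": None}
            findings.append(pending)
            left = window
            continue
        if pending is None:
            continue  # a free_irq warning with no preceding probe failure is unrelated
        warn = FREE_IRQ_WARN.search(line)
        if warn:
            pending["warning_line"], pending["warned_at"] = lineno, warn.group(1)
            pending = None
        else:
            left -= 1
            if left == 0:
                pending = None  # window expired without a warning
    return findings

# Constructed sample logs: device name, error code, timestamps and the
# source line number are made up for illustration.
AFFECTED_BOOT = """\
[    2.104511] crypto-safexcel: probe of f0000000.crypto failed with error -2
[    2.104530] ------------[ cut here ]------------
[    2.104541] WARNING: CPU: 1 PID: 1 at kernel/irq/manage.c:1900 free_irq+0x300/0x340
""".splitlines()
FIXED_BOOT = """\
[    2.104511] crypto-safexcel: probe of f0000000.crypto failed with error -2
[    2.300000] Freeing unused kernel memory: 1024K
""".splitlines()
UNRELATED = ["[    9.000001] WARNING: CPU: 0 PID: 7 at kernel/irq/manage.c:1900 free_irq+0x300/0x340"]

if __name__ == "__main__":
    for name, log in (("affected", AFFECTED_BOOT), ("fixed", FIXED_BOOT)):
        print(name, find_irq_cleanup_warnings(log))
```

A finding whose warning_line is set marks a boot where the failed load left IRQ state behind; a probe failure with warning_line None is consistent with a kernel that cleans up on the error path.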

Remediation

The vulnerability has been addressed in upstream Linux kernel commits. Users can upgrade to a version that includes these commits to mitigate the issue.

Added: Dec 24, 2025, 3:08 PM
Updated: Dec 24, 2025, 3:08 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 1.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.