Linux Kernel Soundwire Bus Unbalanced pm_runtime_put Usage Count Underflow Vulnerability

A vulnerability in the Linux kernel's Soundwire bus implementation has been addressed. The issue was caused by an unbalanced usage count due to improper handling of the pm_runtime functions, leading to a count underflow. The vulnerability arose because the function pm_runtime_resume_and_get() was used incorrectly, allowing an error to be ignored while still decrementing the usage count. This mismanagement could potentially be exploited in scenarios where precise control of the runtime power management is critical.

Impact

The vulnerability could lead to a usage count underflow, causing improper management of device power states, which could disrupt normal device operation.

Reproduction

The vulnerability can be reproduced by using the Soundwire bus functions that manage device communication. The issue occurs when these functions attempt to manipulate the power management runtime without properly handling errors, particularly the -EACCES error, which indicates that a device cannot be accessed. This error should prevent the corresponding pm_runtime_put() call from being made, but the flawed implementation allows the put() to execute regardless, creating an unbalanced count.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.