Linux Kernel cpufreq amd-pstate Driver Lock Removal Vulnerability

Vulnerability

A vulnerability in the Linux kernel's cpufreq amd-pstate driver has been addressed by removing an unnecessary driver-wide lock in the set_boost function. This lock was not needed as set_boost is a per-policy function call. The previous implementation posed a risk of deadlock by potentially colliding with another mutex acquisition from the mode-switch path in the status_store function.

Impact

The removal of the unnecessary driver lock prevents potential deadlocks that could arise from conflicting mutex acquisitions in different parts of the driver.

Added: Jun 18, 2025, 11:40 AM

Updated: Jun 18, 2025, 11:40 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel cpufreq amd-pstate Driver Lock Removal Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating