Linux Kernel RZG2L ADC Driver Runtime PM Vulnerability

A vulnerability in the Linux kernel's RZG2L ADC driver can lead to a system crash. This issue arises when the ADC device, which supplies data to another device (such as a thermal sensor), is rapidly unbound and re-bound. During this process, the ADC may be resumed before the driver's data is properly set, causing a crash when the driver attempts to use this data. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can cause a system crash by disrupting the runtime power management process of the affected ADC device.

Reproduction

The vulnerability can be reproduced by stress-testing the system with a loop that repeatedly unbinds and binds the ADC device. This should be done while the ADC is supplying data to another device, such as a thermal hardware block that reads temperature through the ADC. The issue occurs when the ADC device is runtime-resumed by its consumer before the driver's data has been set, leading to a crash.

Remediation

The vulnerability has been addressed by modifying the driver to set the runtime data immediately after it is allocated, before enabling runtime power management. Users should apply the latest patches available in the Linux kernel stable tree to mitigate this issue.