Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Rockchip DWC MSHC Controller Illegal Clock Reduction Vulnerability in HS200/HS400 Mode

Vulnerability

A vulnerability exists in the Linux kernel's handling of clock frequencies for the Rockchip DWC MSHC controller when in HS200 or HS400 timing modes. The controller requires a minimum clock frequency of 52MHz, and reducing the clock below this threshold can break the link. The issue has been addressed by adding a check to prevent illegal clock reductions through debugfs.

Impact

The vulnerability could lead to a broken link in the HS200 or HS400 timing modes, disrupting communication with the Rockchip DWC MSHC controller.

Reproduction

To reproduce this vulnerability, set the Rockchip DWC MSHC controller to HS200 or HS400 timing modes. Then, use debugfs to reduce the clock frequency below 52MHz. This will trigger a link failure, as the controller cannot maintain the required minimum clock in these modes.

Remediation

The vulnerability has been fixed in the Linux kernel stable tree. Instructions for applying the patch are available in the commit details.

Added: Feb 14, 2026, 3:28 PM
Updated: Feb 14, 2026, 3:28 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
3.4
remediation
7.7
relevance
3.1
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.