Linux Kernel Meson SPICC Double-Put Vulnerability in SPI Controller Removal

Vulnerability

A vulnerability in the Linux kernel's SPI controller management for the Meson SPICC driver has been addressed. The issue arose because the 'meson_spicc_probe()' function registered the SPI controller with 'devm_spi_register_controller()', which automatically manages the controller's lifecycle. However, the corresponding removal function, 'meson_spicc_remove()', incorrectly called 'spi_controller_put()' again, leading to a double reference drop. This flaw could potentially cause memory management issues.

Impact

The vulnerability could lead to memory management problems, specifically a double-put scenario that can cause use-after-free conditions or similar issues, depending on the context.

Reproduction

The vulnerability can be reproduced by probing a Meson SPICC SPI controller, which 'meson_spicc_probe()' registers through the device-managed 'devm_spi_register_controller()' call. When removal is then initiated, 'meson_spicc_remove()' releases the controller reference a second time, creating the double-put.
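The sequence above, as an added userspace model of the reference counting only (not kernel code and not the driver's source). Every name in it is a hypothetical stand-in, and the "holders" parameter is an assumption used to show why the outcome depends on context.

```c
/* Userspace model of the reference counting only; not kernel code.
 * All names are hypothetical stand-ins for the driver/core functions. */
#include <stdbool.h>
#include <stdio.h>

enum outcome { BALANCED, PUT_AFTER_RELEASE, RELEASED_WHILE_HELD };

struct ctlr {
    int refs;       /* references the model believes exist */
    int holders;    /* users that legitimately still hold a reference */
    bool released;  /* set when refs hits 0; the kernel would free here */
    enum outcome result;
};

static void ctlr_put(struct ctlr *c)
{
    if (c->released) {              /* real code touches freed memory */
        c->result = PUT_AFTER_RELEASE;
        return;
    }
    if (--c->refs == 0) {
        c->released = true;
        if (c->holders > 0)         /* freed under a live user */
            c->result = RELEASED_WHILE_HELD;
    }
}

/* Buggy remove(): drops a reference the managed cleanup also drops. */
static void remove_buggy(struct ctlr *c) { ctlr_put(c); }

/* Fixed remove(): leaves the reference to the managed cleanup. */
static void remove_fixed(struct ctlr *c) { (void)c; }

/* remove() runs first, then the devm-style cleanup drops its reference. */
static enum outcome unbind(void (*remove_fn)(struct ctlr *), int holders)
{
    struct ctlr c = { 1 + holders, holders, false, BALANCED };
    remove_fn(&c);
    ctlr_put(&c);                   /* managed cleanup */
    return c.result;
}

int main(void)
{
    printf("buggy, no other holder: %d\n", unbind(remove_buggy, 0));
    printf("buggy, one holder:      %d\n", unbind(remove_buggy, 1));
    printf("fixed, one holder:      %d\n", unbind(remove_fixed, 1));
    return 0;
}
```

With no other holder the second put lands on an already released object; with another holder the object is released while still in use, which is the use-after-free case named under Impact.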

Remediation

The vulnerability has been fixed in the Linux kernel. Users can upgrade to the latest version to address this issue.

Added: Apr 22, 2026, 3:10 PM
Updated: Apr 22, 2026, 3:10 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 3.8
exploitability: 3.9
remediation: 7.7
relevance: 6.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.