Linux Kernel PM Runtime Usage Count Underflow Vulnerability in Chips-Media Wave5 Driver

Vulnerability

A vulnerability in the Linux kernel's chips-media wave5 driver has been addressed, concerning improper management of power management (PM) runtime usage counts. The driver called 'pm_runtime_put_sync()' unconditionally when a device was removed, without accounting for the possibility that autosuspend had already suspended the device. This mismanagement led to a runtime PM usage count underflow, triggering a warning during module unloading. The vulnerability affected the Linux kernel stable tree.

Impact

The vulnerability caused a runtime PM usage count underflow, which can lead to incorrect power management behavior and potentially disrupt the normal operation of the affected device.

Reproduction

To reproduce this issue, load the chips-media wave5 driver and allow the device to autosuspend. Then unload the module, which triggers the PM usage count underflow warning. This occurs because 'pm_runtime_put_sync()' decreases the usage count below zero, which no longer matches the state that runtime PM expects.

Remediation

The vulnerability has been fixed by replacing 'pm_runtime_put_sync()' with 'pm_runtime_dont_use_autosuspend()' in the driver's remove function. This change ensures that the PM runtime reference count is managed correctly, regardless of the device's suspend state.
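
The following user-space C model is an added illustration, not code from the wave5 driver or the kernel. It replays the load, autosuspend, unload sequence against both forms of the remove path. The struct, the function names and the balanced probe shape are assumptions made for the example, and it assumes a non-negative autosuspend delay.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* User-space model of the runtime PM state involved (constructed, not kernel code). */
struct model_dev {
    int usage_count;            /* stands in for dev->power.usage_count */
    int underflow_warnings;
    bool use_autosuspend, suspended;
};

/* Put with the underflow guard: a drop below zero is reverted and reported. */
static int model_put_sync(struct model_dev *d) {
    if (--d->usage_count < 0) {
        d->usage_count++;
        d->underflow_warnings++;
        return -EINVAL;
    }
    return 0;
}

/* Assumed probe shape: get and put are balanced, so the count ends at 0. */
static void model_probe(struct model_dev *d) {
    *d = (struct model_dev){ .use_autosuspend = true };
    d->usage_count++;           /* get: device active for hardware init */
    d->usage_count--;           /* put_autosuspend: suspend left to the timer */
}

/* Remove before the fix, as the page describes it: put with no matching get. */
static int remove_before_fix(struct model_dev *d) { return model_put_sync(d); }

/* Remove after the fix: autosuspend off; this model leaves the count untouched. */
static int remove_after_fix(struct model_dev *d) { d->use_autosuspend = false; return 0; }

/* Load, let autosuspend fire, unload; returns the underflow warnings seen. */
static int unload_warnings(int (*remove_fn)(struct model_dev *)) {
    struct model_dev d;
    model_probe(&d);
    d.suspended = d.use_autosuspend && d.usage_count == 0;  /* autosuspend timer expires */
    remove_fn(&d);
    return d.underflow_warnings;
}

int main(void) {
    printf("underflow warnings before fix: %d, after fix: %d\n",
           unload_warnings(remove_before_fix), unload_warnings(remove_after_fix));
    return 0;
}
```

On a real system the same condition shows up in the kernel log as a "Runtime PM usage count underflow!" warning for the device, which is the message to look for when auditing other drivers' remove paths.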

Added: May 8, 2026, 4:28 PM
Updated: May 8, 2026, 4:28 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 3.4
remediation: 7.7
relevance: 7.8
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.