GHSA-4fhj-6vjr-7222unknown
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and...
🔗 CVE IDs covered (1)
📋 Description
In the Linux kernel, the following vulnerability has been resolved:
i2c: imx: fix clock and pinctrl state inconsistency in runtime PM
In i2c_imx_runtime_suspend(), the clock is disabled before switching the pinctrl state to sleep. If pinctrl_pm_select_sleep_state() fails, the runtime suspend is aborted but the clock remains disabled, causing a system crash when the hardware is subsequently accessed.
Fix this by switching the pinctrl state before disabling the clock so that a pinctrl failure leaves the clock enabled and the hardware accessible.
In i2c_imx_runtime_resume(), restore the pinctrl state back to sleep if clk_enable() fails to keep the consistent.
🔗 References (5)
- https://nvd.nist.gov/vuln/detail/CVE-2026-53340
- https://git.kernel.org/stable/c/8783fb8031799f1230997c16df8c8dce9fcd1841
- https://git.kernel.org/stable/c/9fa82cf393bafc7bd7ca15c1d5cbd5b57ab9de1d
- https://git.kernel.org/stable/c/c8f5269c1bf505847bc7dbb92054594790114de6
- https://github.com/advisories/GHSA-4fhj-6vjr-7222