Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() Commit 09f012e64e4b ("stmmac: intel: Fix clock handling on error and remove paths") removed this clk_disable_unprepare() This was partly revert by commit ac322f86b56c ("net: stmmac: Fix clock handling on remove path") which removed this clk_disable_unprepare() because: " While unloading the dwmac-intel driver, clk_disable_unprepare() is being called twice in stmmac_dvr_remove() and intel_eth_pci_remove(). This causes kernel panic on the second call. " However later on, commit 5ec55823438e8 ("net: stmmac: add clocks management for gmac driver") has updated stmmac_dvr_remove() which do not call clk_disable_unprepare() anymore. So this call should now be called from intel_eth_pci_remove().
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.10.81, < 5.10.138 |
References
- https://git.kernel.org/stable/c/02f3642d8e657c05f382729c165bed46745dc18cPatch
- https://git.kernel.org/stable/c/47129531196054b374017555165b47a43cdb6f41Patch
- https://git.kernel.org/stable/c/5c23d6b717e4e956376f3852b90f58e262946b50Patch
- https://git.kernel.org/stable/c/9400aeb419d35e718e90aa14a97c11229d0a40bcPatch
FAQ
What is CVE-2022-50039?
CVE-2022-50039 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() Commit 09f012e64e4b ("stmmac: intel: Fix clock...
How severe is CVE-2022-50039?
CVE-2022-50039 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-50039?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.