Ian Ray

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a race condition in the Linux kernel's gpio: pca953x module. Specifically, the problem occurs when a request races against irq bus sync unlock() approximately once per thousand reboots on an i.MX8MP based system. To avoid races, it is essential to ensure that the `i2c lock` is held when setting interrupt latch and mask in pca953x irq bus sync unlock(). The other non-probe call site, pca953x gpio set multiple(), ensures the lock is held before calling pca953x write regs(). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.