Mike Tipton

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the interconnect component in the Linux kernel, where the `icc lock` mutex was split into separate `icc lock` and `icc bw lock` mutexes to avoid lockdep splats. However, this did not adequately protect access to `icc node::req list`. The `icc set bw()` function iterates over `req list` while only holding `icc bw lock`, but `req list` can be modified while only holding `icc lock`. This causes races between `icc set bw()`, `of icc get()`, and `icc put()`. To fix this, `icc bw lock` must always be held before manipulating `icc node::req list`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.