CVE-2024-50196

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue arises when a GPIO pin is configured in level mode and the parent controller is configured in edge mode. In such cases, the hardware may lower the GPIO interrupt, leading to a system hang when trying to service the parent interrupt. This occurs because the current implementation only calls chained irq enter() and chained irq exit() if it detects pending interrupts. Moving these functions outside the interrupt checking loop ensures they are called even when the GPIO interrupt is lowered by the hardware.

Recommendations: To resolve the issue, move the chained irq enter() and chained irq exit() functions outside the for loop to ensure they are called even when the GPIO interrupt is lowered by the hardware. As a temporary workaround, consider disabling the chained irq enter() and chained irq exit() functions until a patch is available. Restrict access to the vulnerable pinctrl module to minimize the risk of exploitation. Avoid using the chained irq enter() and chained irq exit() functions in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.