PT-2025-3614 · Linux+7 · Linux Kernel+7

Evgenii Shatokhin · Published 2024-12-09 · Updated 2025-10-11 · CVE-2024-57889

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.74

Description

A vulnerability in the Linux kernel has been resolved, specifically in the pinctrl-mcp23s08 driver. The issue occurs when a device uses the MCP23xxx IO expander to receive IRQs, which can cause a sleeping function to be called from an invalid context. This happens because the regmap in the driver uses a mutex for protection from concurrent accesses, but the system tries to lock the mutex while holding a spinlock. The vulnerability was observed while experimenting with a touchscreen driver that used the MCP23017 IO expander. The estimated number of potentially affected devices is not specified.

Recommendations

To resolve the issue, update to Linux kernel version 6.6.74 or later. As a temporary workaround, consider disabling the mcp23s08_irq_set_type() function until a patch is available. Restrict access to the mcp23s08 driver to minimize the risk of exploitation. Avoid using the regmap_update_bits_base() function in the affected API endpoint until the issue is resolved. Additionally, apply the patch that adds locking in mcp_pinconf_get/set() and disables internal locking in the regmap config.

Improper Locking

Weakness Enumeration

Related Identifiers

ALT-PU-2025-12647
BDU:2025-03510
CVE-2024-57889
DLA-4075-1
DLA-4076-1
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-2409
OESA-2025-2410
OPENSUSE-SU-2025_0847-1
OPENSUSE-SU-2025_0856-1
OPENSUSE-SU-2025_0955-1
SUSE-SU-2025:0784-1
SUSE-SU-2025:0847-1
SUSE-SU-2025:0856-1
SUSE-SU-2025:0955-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_0847-1
SUSE-SU-2025_0856-1
SUSE-SU-2025_0955-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7391-1
USN-7392-1
USN-7392-2
USN-7392-3
USN-7392-4
USN-7393-1
USN-7401-1
USN-7407-1
USN-7413-1
USN-7421-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7463-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1

Affected Products

ALT Linux
Astra Linux
Debian
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu