cve/2025/CVE-2025-37901.md
2025-09-29 21:09:30 +02:00

CVE-2025-37901

Description

In the Linux kernel, the following vulnerability has been resolved:

irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs

On Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not have a corresponding MPM pin and should not be handled inside the MPM driver. The IRQ domain hierarchy is always applied, so it's required to explicitly disconnect the hierarchy for those. The pinctrl-msm driver marks these with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but irq-qcom-mpm is currently missing the check. This is causing crashes when setting up interrupts for non-wake GPIOs:

    root@rb1:~# gpiomon -c gpiochip1 10
    irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1
    Unable to handle kernel paging request at virtual address ffff8000a1dc3820
    Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)
    pc : mpm_set_type+0x80/0xcc
    lr : mpm_set_type+0x5c/0xcc
    Call trace:
     mpm_set_type+0x80/0xcc (P)
     qcom_mpm_set_type+0x64/0x158
     irq_chip_set_type_parent+0x20/0x38
     msm_gpio_irq_set_type+0x50/0x530
     __irq_set_trigger+0x60/0x184
     __setup_irq+0x304/0x6bc
     request_threaded_irq+0xc8/0x19c
     edge_detector_setup+0x260/0x364
     linereq_create+0x420/0x5a8
     gpio_ioctl+0x2d4/0x6c0

Fix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that MPM is removed entirely from the hierarchy for non-wake GPIOs.

POC

Reference

No PoCs from references.

Github