CVE-2022-50039

In the Linux kernel, the following vulnerability has been resolved: stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() Commit 09f012e64e4b ("stmmac: intel: Fix clock handling on error and remove paths") removed this clk_disable_unprepare() This was partly revert by commit ac322f86b56c ("net: stmmac: Fix clock handling on remove path") which removed this clk_disable_unprepare() because: " While unloading the dwmac-intel driver, clk_disable_unprepare() is being called twice in stmmac_dvr_remove() and intel_eth_pci_remove(). This causes kernel panic on the second call. " However later on, commit 5ec55823438e8 ("net: stmmac: add clocks management for gmac driver") has updated stmmac_dvr_remove() which do not call clk_disable_unprepare() anymore. So this call should now be called from intel_eth_pci_remove().

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/02f3642d8e657c05f382729c165bed46745dc18c	Patch
https://git.kernel.org/stable/c/47129531196054b374017555165b47a43cdb6f41	Patch
https://git.kernel.org/stable/c/5c23d6b717e4e956376f3852b90f58e262946b50	Patch
https://git.kernel.org/stable/c/9400aeb419d35e718e90aa14a97c11229d0a40bc	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc1::::::

History

13 Nov 2025, 18:57

Type	Values Removed	Values Added
First Time		Linux Linux linux Kernel
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:6.0:rc1:::::: cpe:2.3:o:linux:linux_kernel::::::::
References	~~() https://git.kernel.org/stable/c/02f3642d8e657c05f382729c165bed46745dc18c -~~	() https://git.kernel.org/stable/c/02f3642d8e657c05f382729c165bed46745dc18c - Patch
References	~~() https://git.kernel.org/stable/c/47129531196054b374017555165b47a43cdb6f41 -~~	() https://git.kernel.org/stable/c/47129531196054b374017555165b47a43cdb6f41 - Patch
References	~~() https://git.kernel.org/stable/c/5c23d6b717e4e956376f3852b90f58e262946b50 -~~	() https://git.kernel.org/stable/c/5c23d6b717e4e956376f3852b90f58e262946b50 - Patch
References	~~() https://git.kernel.org/stable/c/9400aeb419d35e718e90aa14a97c11229d0a40bc -~~	() https://git.kernel.org/stable/c/9400aeb419d35e718e90aa14a97c11229d0a40bc - Patch
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: stmmac: intel: Añadir una llamada clk_disable_unprepare() faltante en intel_eth_pci_remove(). el commit 09f012e64e4b ("stmmac: intel: Corregir el manejo del reloj en caso de error y eliminar rutas") eliminó esta clk_disable_unprepare(). Esto se revirtió parcialmente mediante el commit ac322f86b56c ("net: stmmac: Corregir el manejo del reloj al eliminar la ruta"), que eliminó esta clk_disable_unprepare() porque: "Al descargar el controlador dwmac-intel, se llama a clk_disable_unprepare() dos veces en stmmac_dvr_remove() e intel_eth_pci_remove(). Esto provoca un pánico del kernel en la segunda llamada". Sin embargo, más tarde, el commit 5ec55823438e8 ("net: stmmac: añadir la gestión de relojes para el controlador gmac") ha actualizado stmmac_dvr_remove() ya no llama a clk_disable_unprepare(). Por lo tanto, esta llamada ahora debe ejecutarse desde intel_eth_pci_remove().

18 Jun 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-18 11:15

Updated : 2025-11-13 18:57

NVD link : CVE-2022-50039

Mitre link : CVE-2022-50039

CVE.ORG link : CVE-2022-50039

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10