CVE-2026-46247
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
clk: qcom: gfx3d: add parent to parent request map
After commit d228ece36345 ("clk: divider: remove round_rate() in favor of determine_rate()") determining GFX3D clock rate crashes, because the passed parent map doesn't provide the expected best_parent_hw clock (with the roundd_rate path before the offending commit the best_parent_hw was ignored).
Set the field in parent_req in addition to setting it in the req, fixing the crash.
clk_hw_round_rate (drivers/clk/clk.c:1764) (P) clk_divider_bestdiv (drivers/clk/clk-divider.c:336) divider_determine_rate (drivers/clk/clk-divider.c:358) clk_alpha_pll_postdiv_determine_rate (drivers/clk/qcom/clk-alpha-pll.c:1275) clk_core_determine_round_nolock (drivers/clk/clk.c:1606) clk_core_round_rate_nolock (drivers/clk/clk.c:1701) __clk_determine_rate (drivers/clk/clk.c:1741) clk_gfx3d_determine_rate (drivers/clk/qcom/clk-rcg2.c:1268) clk_core_determine_round_nolock (drivers/clk/clk.c:1606) clk_core_round_rate_nolock (drivers/clk/clk.c:1701) clk_core_round_rate_nolock (drivers/clk/clk.c:1710) clk_round_rate (drivers/clk/clk.c:1804) dev_pm_opp_set_rate (drivers/opp/core.c:1440 (discriminator 1)) msm_devfreq_target (drivers/gpu/drm/msm/msm_gpu_devfreq.c:51) devfreq_set_target (drivers/devfreq/devfreq.c:360) devfreq_update_target (drivers/devfreq/devfreq.c:426) devfreq_monitor (drivers/devfreq/devfreq.c:458) process_one_work (arch/arm64/include/asm/jump_label.h:36 include/trace/events/workqueue.h:110 kernel/workqueue.c:3284) worker_thread (kernel/workqueue.c:3356 (discriminator 2) kernel/workqueue.c:3443 (discriminator 2)) kthread (kernel/kthread.c:467) ret_from_fork (arch/arm64/kernel/entry.S:861)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 55213e1acec9218580c90d36034aa0370a51daab < 82cfe5292b11deb1dc33822f67f73cfbe8eafe25 | affected |
| Linux | Linux | 55213e1acec9218580c90d36034aa0370a51daab < 547ae2f17349c7586953af5ef50de43ef3f65e9e | affected |
| Linux | Linux | 55213e1acec9218580c90d36034aa0370a51daab < 56360aa4ddd736fc19e6d0b0206c5e437e0d6ff8 | affected |
| Linux | Linux | 55213e1acec9218580c90d36034aa0370a51daab < aed53da569fb96eec09b4817b1953bcc2e467eea | affected |
| Linux | Linux | 55213e1acec9218580c90d36034aa0370a51daab < 8aa972eba1f29068d13bec716d33abca30fb3f2a | affected |
| Linux | Linux | 55213e1acec9218580c90d36034aa0370a51daab < 2583cb925ca1ce450aa5d74a05a67448db970193 | affected |
| Linux | Linux | 4.5 | affected |
| Linux | Linux | 0 < 4.5 | unaffected |
| Linux | Linux | 6.1.165 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.128 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.75 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.14 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.4 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/82cfe5292b11deb1dc33822f67f73cfbe8eafe25
- https://git.kernel.org/stable/c/547ae2f17349c7586953af5ef50de43ef3f65e9e
- https://git.kernel.org/stable/c/56360aa4ddd736fc19e6d0b0206c5e437e0d6ff8
- https://git.kernel.org/stable/c/aed53da569fb96eec09b4817b1953bcc2e467eea
- https://git.kernel.org/stable/c/8aa972eba1f29068d13bec716d33abca30fb3f2a
- https://git.kernel.org/stable/c/2583cb925ca1ce450aa5d74a05a67448db970193
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.