CVE-2024-46691

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> usb: typec: ucsi: Move unregister out of atomic section<br /> <br /> Commit &amp;#39;9329933699b3 ("soc: qcom: pmic_glink: Make client-lock<br /> non-sleeping")&amp;#39; moved the pmic_glink client list under a spinlock, as it<br /> is accessed by the rpmsg/glink callback, which in turn is invoked from<br /> IRQ context.<br /> <br /> This means that ucsi_unregister() is now called from atomic context,<br /> which isn&amp;#39;t feasible as it&amp;#39;s expecting a sleepable context. An effort is<br /> under way to get GLINK to invoke its callbacks in a sleepable context,<br /> but until then lets schedule the unregistration.<br /> <br /> A side effect of this is that ucsi_unregister() can now happen<br /> after the remote processor, and thereby the communication link with it, is<br /> gone. pmic_glink_send() is amended with a check to avoid the resulting NULL<br /> pointer dereference.<br /> This does however result in the user being informed about this error by<br /> the following entry in the kernel log:<br /> <br /> ucsi_glink.pmic_glink_ucsi pmic_glink.ucsi.0: failed to send UCSI write request: -5