{"id":"CVE-2022-49458","summary":"drm/msm: don't free the IRQ if it was not requested","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: don't free the IRQ if it was not requested\n\nAs msm_drm_uninit() is called from the msm_drm_init() error path,\nadditional care should be necessary as not to call the free_irq() for\nthe IRQ that was not requested before (because an error occured earlier\nthan the request_irq() call).\n\nThis fixed the issue reported with the following backtrace:\n\n[    8.571329] Trying to free already-free IRQ 187\n[    8.571339] WARNING: CPU: 0 PID: 76 at kernel/irq/manage.c:1895 free_irq+0x1e0/0x35c\n[    8.588746] Modules linked in: pmic_glink pdr_interface fastrpc qrtr_smd snd_soc_hdmi_codec msm fsa4480 gpu_sched drm_dp_aux_bus qrtr i2c_qcom_geni crct10dif_ce qcom_stats qcom_q6v5_pas drm_display_helper gpi qcom_pil_info drm_kms_helper qcom_q6v5 qcom_sysmon qcom_common qcom_glink_smem qcom_rng mdt_loader qmi_helpers phy_qcom_qmp ufs_qcom typec qnoc_sm8350 socinfo rmtfs_mem fuse drm ipv6\n[    8.624154] CPU: 0 PID: 76 Comm: kworker/u16:2 Not tainted 5.18.0-rc5-next-20220506-00033-g6cee8cab6089-dirty #419\n[    8.624161] Hardware name: Qualcomm Technologies, Inc. SM8350 HDK (DT)\n[    8.641496] Workqueue: events_unbound deferred_probe_work_func\n[    8.647510] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[    8.654681] pc : free_irq+0x1e0/0x35c\n[    8.658454] lr : free_irq+0x1e0/0x35c\n[    8.662228] sp : ffff800008ab3950\n[    8.665642] x29: ffff800008ab3950 x28: 0000000000000000 x27: ffff16350f56a700\n[    8.672994] x26: ffff1635025df080 x25: ffff16350251badc x24: ffff16350251bb90\n[    8.680343] x23: 0000000000000000 x22: 00000000000000bb x21: ffff16350e8f9800\n[    8.687690] x20: ffff16350251ba00 x19: ffff16350cbd5880 x18: ffffffffffffffff\n[    8.695039] x17: 0000000000000000 x16: ffffa2dd12179434 x15: ffffa2dd1431d02d\n[    8.702391] x14: 0000000000000000 x13: ffffa2dd1431d028 x12: 662d79646165726c\n[    8.709740] x11: ffffa2dd13fd2438 x10: 000000000000000a x9 : 00000000000000bb\n[    8.717111] x8 : ffffa2dd13fd23f0 x7 : ffff800008ab3750 x6 : 00000000fffff202\n[    8.724487] x5 : ffff16377e870a18 x4 : 00000000fffff202 x3 : ffff735a6ae1b000\n[    8.731851] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff1635015f8000\n[    8.739217] Call trace:\n[    8.741755]  free_irq+0x1e0/0x35c\n[    8.745198]  msm_drm_uninit.isra.0+0x14c/0x294 [msm]\n[    8.750548]  msm_drm_bind+0x28c/0x5d0 [msm]\n[    8.755081]  try_to_bring_up_aggregate_device+0x164/0x1d0\n[    8.760657]  __component_add+0xa0/0x170\n[    8.764626]  component_add+0x14/0x20\n[    8.768337]  dp_display_probe+0x2a4/0x464 [msm]\n[    8.773242]  platform_probe+0x68/0xe0\n[    8.777043]  really_probe.part.0+0x9c/0x28c\n[    8.781368]  __driver_probe_device+0x98/0x144\n[    8.785871]  driver_probe_device+0x40/0x140\n[    8.790191]  __device_attach_driver+0xb4/0x120\n[    8.794788]  bus_for_each_drv+0x78/0xd0\n[    8.798751]  __device_attach+0xdc/0x184\n[    8.802713]  device_initial_probe+0x14/0x20\n[    8.807031]  bus_probe_device+0x9c/0xa4\n[    8.810991]  deferred_probe_work_func+0x88/0xc0\n[    8.815667]  process_one_work+0x1d0/0x320\n[    8.819809]  worker_thread+0x14c/0x444\n[    8.823688]  kthread+0x10c/0x110\n[    8.827036]  ret_from_fork+0x10/0x20\n\nPatchwork: https://patchwork.freedesktop.org/patch/485422/","modified":"2026-05-18T05:55:17.644195676Z","published":"2025-02-26T02:13:06.202Z","related":["SUSE-SU-2025:1176-1","SUSE-SU-2025:1241-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49458.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/577e2a9dfc8fba7938aaf75db63fae7e328cc3cb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/59023c4fb1ab3de0fa001681650f662c253c7fd7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b288ec4439c1dad304c1862bf6b0be78d9b1b2b2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/beb81c13d020ceb7f8693e65464162e5f249218e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49458.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49458"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f026e431cf861197dc03217d1920b38b80b31dd9"},{"fixed":"beb81c13d020ceb7f8693e65464162e5f249218e"},{"fixed":"b288ec4439c1dad304c1862bf6b0be78d9b1b2b2"},{"fixed":"59023c4fb1ab3de0fa001681650f662c253c7fd7"},{"fixed":"577e2a9dfc8fba7938aaf75db63fae7e328cc3cb"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49458.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.15.0"},{"fixed":"5.15.46"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.17.14"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.18.0"},{"fixed":"5.18.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49458.json"}}],"schema_version":"1.7.5"}