CVE-2022-50029

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50029
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50029.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50029
Downstream
Related
Published
2025-06-18T11:01:32.210Z
Modified
2026-04-03T13:14:44.809399620Z
Summary
clk: qcom: ipq8074: dont disable gcc_sleep_clk_src
Details

In the Linux kernel, the following vulnerability has been resolved:

clk: qcom: ipq8074: dont disable gccsleepclk_src

Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also.

However, it seems that it cannot be disabled and trying to do so produces: [ 245.436390] ------------[ cut here ]------------ [ 245.441233] gccsleepclksrc status stuck at 'on' [ 245.441254] WARNING: CPU: 2 PID: 223 at clkbranchwait+0x130/0x140 [ 245.450435] Modules linked in: xhciplathcd xhcihcd dwc3 dwc3qcom ledsgpio [ 245.456601] CPU: 2 PID: 223 Comm: sh Not tainted 5.18.0-rc4 #215 [ 245.463889] Hardware name: Xiaomi AX9000 (DT) [ 245.470050] pstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 245.474307] pc : clkbranchwait+0x130/0x140 [ 245.481073] lr : clkbranchwait+0x130/0x140 [ 245.485588] sp : ffffffc009f2bad0 [ 245.489838] x29: ffffffc009f2bad0 x28: ffffff8003e6c800 x27: 0000000000000000 [ 245.493057] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800226ef20 [ 245.500175] x23: ffffffc0089ff550 x22: 0000000000000000 x21: ffffffc008476ad0 [ 245.507294] x20: 0000000000000000 x19: ffffffc00965ac70 x18: fffffffffffc51a7 [ 245.514413] x17: 68702e3030303837 x16: 3a6d726f6674616c x15: ffffffc089f2b777 [ 245.521531] x14: ffffffc0095c9d18 x13: 0000000000000129 x12: 0000000000000129 [ 245.528649] x11: 00000000ffffffea x10: ffffffc009621d18 x9 : 0000000000000001 [ 245.535767] x8 : 0000000000000001 x7 : 0000000000017fe8 x6 : 0000000000000001 [ 245.542885] x5 : ffffff803fdca6d8 x4 : 0000000000000000 x3 : 0000000000000027 [ 245.550002] x2 : 0000000000000027 x1 : 0000000000000023 x0 : 0000000000000026 [ 245.557122] Call trace: [ 245.564229] clkbranchwait+0x130/0x140 [ 245.566490] clkbranch2disable+0x2c/0x40 [ 245.570656] clkcoredisable+0x60/0xb0 [ 245.574561] clkcoredisable+0x68/0xb0 [ 245.578293] clkdisable+0x30/0x50 [ 245.582113] dwc3qcomremove+0x60/0xc0 [dwc3qcom] [ 245.585588] platformremove+0x28/0x60 [ 245.590361] deviceremove+0x4c/0x80 [ 245.594179] devicereleasedriverinternal+0x1dc/0x230 [ 245.597914] devicedriverdetach+0x18/0x30 [ 245.602861] unbindstore+0xec/0x110 [ 245.607027] drvattrstore+0x24/0x40 [ 245.610847] sysfskfwrite+0x44/0x60 [ 245.614405] kernfsfopwriteiter+0x128/0x1c0 [ 245.618052] newsyncwrite+0xc0/0x130 [ 245.622391] vfswrite+0x1d4/0x2a0 [ 245.626123] ksys_write+0x58/0xe0 [ 245.629508] _arm64syswrite+0x1c/0x30 [ 245.632895] invokesyscall.constprop.0+0x5c/0x110 [ 245.636890] doel0svc+0xa0/0x150 [ 245.641488] el0svc+0x18/0x60 [ 245.644872] el0t64synchandler+0xa4/0x130 [ 245.647914] el0t64sync+0x174/0x178 [ 245.652340] ---[ end trace 0000000000000000 ]---

So, add CLKISCRITICAL flag to the clock so that the kernel won't try to disable the sleep clock.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50029.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
371a95074558a08d47e3acaa29f810aae6f03d0a
Fixed
38cee0d2b65eed42a44052de1bfdc0177b6c3f05
Fixed
4203b76abe539f3cac258d4cf1e16e2dd95ea60f
Fixed
d401611a93b332914cf91eb9bc0b63fa1bdc17e9
Fixed
6b90ab952401bd6c1a321dcfc0e0df080f2bc905
Fixed
17d58499dc9c7e059dab7d170e9bae1e7e9c561b
Fixed
459411b9f0180e3f382d7abfa3028dd3285984c3
Fixed
1bf7305e79aab095196131bdc87a97796e0e3fac

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50029.json"