CVE-2022-50029

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-50029
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50029.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50029
Downstream
Related
Published
2025-06-18T11:15:31Z
Modified
2025-07-01T14:23:15.100572Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

clk: qcom: ipq8074: dont disable gccsleepclk_src

Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also.

However, it seems that it cannot be disabled and trying to do so produces: [ 245.436390] ------------[ cut here ]------------ [ 245.441233] gccsleepclksrc status stuck at 'on' [ 245.441254] WARNING: CPU: 2 PID: 223 at clkbranchwait+0x130/0x140 [ 245.450435] Modules linked in: xhciplathcd xhcihcd dwc3 dwc3qcom ledsgpio [ 245.456601] CPU: 2 PID: 223 Comm: sh Not tainted 5.18.0-rc4 #215 [ 245.463889] Hardware name: Xiaomi AX9000 (DT) [ 245.470050] pstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 245.474307] pc : clkbranchwait+0x130/0x140 [ 245.481073] lr : clkbranchwait+0x130/0x140 [ 245.485588] sp : ffffffc009f2bad0 [ 245.489838] x29: ffffffc009f2bad0 x28: ffffff8003e6c800 x27: 0000000000000000 [ 245.493057] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800226ef20 [ 245.500175] x23: ffffffc0089ff550 x22: 0000000000000000 x21: ffffffc008476ad0 [ 245.507294] x20: 0000000000000000 x19: ffffffc00965ac70 x18: fffffffffffc51a7 [ 245.514413] x17: 68702e3030303837 x16: 3a6d726f6674616c x15: ffffffc089f2b777 [ 245.521531] x14: ffffffc0095c9d18 x13: 0000000000000129 x12: 0000000000000129 [ 245.528649] x11: 00000000ffffffea x10: ffffffc009621d18 x9 : 0000000000000001 [ 245.535767] x8 : 0000000000000001 x7 : 0000000000017fe8 x6 : 0000000000000001 [ 245.542885] x5 : ffffff803fdca6d8 x4 : 0000000000000000 x3 : 0000000000000027 [ 245.550002] x2 : 0000000000000027 x1 : 0000000000000023 x0 : 0000000000000026 [ 245.557122] Call trace: [ 245.564229] clkbranchwait+0x130/0x140 [ 245.566490] clkbranch2disable+0x2c/0x40 [ 245.570656] clkcoredisable+0x60/0xb0 [ 245.574561] clkcoredisable+0x68/0xb0 [ 245.578293] clkdisable+0x30/0x50 [ 245.582113] dwc3qcomremove+0x60/0xc0 [dwc3qcom] [ 245.585588] platformremove+0x28/0x60 [ 245.590361] deviceremove+0x4c/0x80 [ 245.594179] devicereleasedriverinternal+0x1dc/0x230 [ 245.597914] devicedriverdetach+0x18/0x30 [ 245.602861] unbindstore+0xec/0x110 [ 245.607027] drvattrstore+0x24/0x40 [ 245.610847] sysfskfwrite+0x44/0x60 [ 245.614405] kernfsfopwriteiter+0x128/0x1c0 [ 245.618052] newsyncwrite+0xc0/0x130 [ 245.622391] vfswrite+0x1d4/0x2a0 [ 245.626123] ksyswrite+0x58/0xe0 [ 245.629508] _arm64syswrite+0x1c/0x30 [ 245.632895] invokesyscall.constprop.0+0x5c/0x110 [ 245.636890] doel0svc+0xa0/0x150 [ 245.641488] el0svc+0x18/0x60 [ 245.644872] el0t64synchandler+0xa4/0x130 [ 245.647914] el0t64_sync+0x174/0x178 [ 245.652340] ---[ end trace 0000000000000000 ]---

So, add CLKISCRITICAL flag to the clock so that the kernel won't try to disable the sleep clock.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.140-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}