Description
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no thread can acquire the syncpt_mutex after the refcount drops to zero but before syncpt_release acquires it. This prevents races where syncpoints could be allocated while still being cleaned up from a previous release. Remove explicit mutex locking in syncpt_release as kref_put_mutex() handles this atomically.
Product status
f5ba33fb9690566c382624637125827b5512e766 (git) before ca9388fba50dac2eb71c13702b7022a801bef90e
f5ba33fb9690566c382624637125827b5512e766 (git) before 4aeaece518fa4436af93d1d8b786200d9656ff4b
f5ba33fb9690566c382624637125827b5512e766 (git) before 6245cce711e2cdb2cc75c0bb8632952e36f8c972
f5ba33fb9690566c382624637125827b5512e766 (git) before 4e6e07ce0197aecfb6c4a62862acc93b3efedeb7
f5ba33fb9690566c382624637125827b5512e766 (git) before d138f73ffb0c57ded473c577719e6e551b7b1f27
f5ba33fb9690566c382624637125827b5512e766 (git) before 79197c6007f2afbfd7bcf5b9b80ccabf8483d774
f5ba33fb9690566c382624637125827b5512e766 (git) before c7d393267c497502fa737607f435f05dfe6e3d9b
5.13
Any version before 5.13
5.15.198 (semver)
6.1.160 (semver)
6.6.120 (semver)
6.12.63 (semver)
6.17.13 (semver)
6.18.2 (semver)
6.19 (original_commit_for_fix)
References
git.kernel.org/...c/ca9388fba50dac2eb71c13702b7022a801bef90e
git.kernel.org/...c/4aeaece518fa4436af93d1d8b786200d9656ff4b
git.kernel.org/...c/6245cce711e2cdb2cc75c0bb8632952e36f8c972
git.kernel.org/...c/4e6e07ce0197aecfb6c4a62862acc93b3efedeb7
git.kernel.org/...c/d138f73ffb0c57ded473c577719e6e551b7b1f27
git.kernel.org/...c/79197c6007f2afbfd7bcf5b9b80ccabf8483d774
git.kernel.org/...c/c7d393267c497502fa737607f435f05dfe6e3d9b