[PATCH] cpufreq: scmi: Fix of_node use-after-free in scmi_dev_used_by_cpus()
Viresh Kumar
viresh.kumar at linaro.org
Mon Mar 2 20:20:50 PST 2026
On 02-03-26, 23:53, Hans Zhang wrote:
> In scmi_dev_used_by_cpus(), the code previously released the of_node
> reference via of_node_put(np) before checking whether np equals scmi_np.
> This could lead to a use-after-free if the node pointer was accessed
> after being freed. Reorder the logic to perform the comparison first
> and only put the node after the check, or immediately return if they
> match. This ensures safe reference counting and avoids potential kernel
> crashes.
It shouldn't lead to a use-after-free problem as we aren't using the `np` for
anything apart from simple comparison of value.
--
viresh
More information about the linux-arm-kernel
mailing list