| The vulnerability, tracked as CVE-2021-47187, affects the MSM8998 processor on arm64 architecture in the Linux kernel. The issue lies in the misconfiguration of idle state latency and residency timings for CPU/L2 cache power collapse states. Specifically, the minimum residency time (min-residency-us) was miscalculated, and the power collapse states were setting power collapse (PC) on both the CPU cluster and L2 cache, which have different timings. |
| |
| This misconfiguration did not cause issues previously because CPU scaling was not enabled on MSM8998, and therefore, cluster/L2 power collapse was rarely hit. However, when CPU scaling is enabled, the wrong timings can cause SoC instability, leading to random, error-less sudden reboots or lockups. The fix updates the idle state latency and residency timings to correct values, ensuring system stability when CPU scaling is enabled. |
| |
| The affected file is arch/arm64/boot/dts/qcom/msm8998.dtsi, and the vulnerability has been fixed in kernel versions 5.4.162, 5.10.82, 5.15.5, and 5.16 with specific commit IDs. The Linux kernel CVE team recommends updating to the latest stable kernel version to resolve this issue and other bugfixes. |
| |
