Description
In the Linux kernel, the following vulnerability has been resolved:

dmaengine: fsl-edma: don't explicitly disable clocks in .remove()

The clocks in fsl_edma_engine::muxclk are allocated and enabled with
devm_clk_get_enabled(), which automatically cleans these resources up,
but these clocks are also manually disabled in fsl_edma_remove(). This
causes warnings on driver removal for each clock:

edma_module already disabled
WARNING: CPU: 0 PID: 418 at drivers/clk/clk.c:1200 clk_core_disable+0x198/0x1c8
[...]
Call trace:
clk_core_disable+0x198/0x1c8 (P)
clk_disable+0x34/0x58
fsl_edma_remove+0x74/0xe8 [fsl_edma]
[...]
---[ end trace 0000000000000000 ]---
edma_module already unprepared
WARNING: CPU: 0 PID: 418 at drivers/clk/clk.c:1059 clk_core_unprepare+0x1f8/0x220
[...]
Call trace:
clk_core_unprepare+0x1f8/0x220 (P)
clk_unprepare+0x34/0x58
fsl_edma_remove+0x7c/0xe8 [fsl_edma]
[...]
---[ end trace 0000000000000000 ]---

Fix these warnings by removing the unnecessary fsl_disable_clocks() call
in fsl_edma_remove().
Published: 2026-06-03
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Freescale EDMA driver in the Linux kernel disables its clocks twice during module removal. The first call automatically releases the clocks via devm_clk_get_enabled(), and the second call to fsl_disable_clocks() becomes redundant, triggering warning messages during driver removal. This illustrates resource mismanagement corresponding to CWE-832, though no direct security impact such as disclosure or code execution is documented.

Affected Systems

All Linux kernel releases that include the fsl_edma driver for Freescale/NXP QorIQ platforms and are older than the commit that removes the unnecessary fsl_disable_clocks() call (commit 533d495f15e4c88ad5246c7f90ae026702e28d75) are affected. Distributions shipping such kernels should be considered vulnerable until the fix is applied.

Risk and Exploitability

The CVSS score is 5.5 and the EPSS score is below 1 %. The vulnerability is not in the CISA KEV catalog. Based on the description, it is inferred that unloading the fsl_edma module (the typical action that triggers the warnings) requires elevated privileges, so an attacker would need root access to trigger the issue. The overall risk is low and primarily involves benign kernel warnings, with no documented impact on confidentiality, integrity, or availability.

Generated by OpenCVE AI on June 9, 2026 at 23:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the kernel to a version that contains the commit removing the redundant fsl_disable_clocks() call in the fsl_edma driver.
  • Restrict unloading of the fsl_edma module to privileged processes to prevent untrusted users from triggering the warnings.
  • If a kernel update is not immediately available, patch the module source by removing the fsl_disable_clocks() call in fsl_edma_remove() and monitor system logs for any remaining warnings.

Generated by OpenCVE AI on June 9, 2026 at 23:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo

Thu, 04 Jun 2026 02:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-676

Thu, 04 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-832
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low

Wed, 03 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-676

Wed, 03 Jun 2026 17:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove() The clocks in fsl_edma_engine::muxclk are allocated and enabled with devm_clk_get_enabled(), which automatically cleans these resources up, but these clocks are also manually disabled in fsl_edma_remove(). This causes warnings on driver removal for each clock: edma_module already disabled WARNING: CPU: 0 PID: 418 at drivers/clk/clk.c:1200 clk_core_disable+0x198/0x1c8 [...] Call trace: clk_core_disable+0x198/0x1c8 (P) clk_disable+0x34/0x58 fsl_edma_remove+0x74/0xe8 [fsl_edma] [...] ---[ end trace 0000000000000000 ]--- edma_module already unprepared WARNING: CPU: 0 PID: 418 at drivers/clk/clk.c:1059 clk_core_unprepare+0x1f8/0x220 [...] Call trace: clk_core_unprepare+0x1f8/0x220 (P) clk_unprepare+0x34/0x58 fsl_edma_remove+0x7c/0xe8 [fsl_edma] [...] ---[ end trace 0000000000000000 ]--- Fix these warnings by removing the unnecessary fsl_disable_clocks() call in fsl_edma_remove().
Title dmaengine: fsl-edma: don't explicitly disable clocks in .remove()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-03T15:49:52.091Z

Reserved: 2026-05-13T15:03:33.107Z

Link: CVE-2026-46255

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-06-03T18:16:26.463

Modified: 2026-06-09T20:10:42.623

Link: CVE-2026-46255

cve-icon Redhat

Severity : Low

Publid Date: 2026-06-03T00:00:00Z

Links: CVE-2026-46255 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T23:15:16Z

Weaknesses