CVE-2024-46691: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46691 affects the Linux kernel's USB Type-C Connector System Software Interface (UCSI) driver. The vulnerability was discovered when a commit moved the pmicglink client list under a spinlock, causing ucsiunregister() to be called from atomic context when it requires a sleepable context. This issue affects Linux kernel versions from 6.10 up to (excluding) 6.10.8, and various 6.11 release candidates (rc1 through rc5) (NVD).

The vulnerability stems from a change in the pmicglink client list handling where it was moved under a spinlock since it's accessed by the rpmsg/glink callback in IRQ context. This modification resulted in ucsiunregister() being called from atomic context, which is problematic as it requires a sleepable context. Additionally, ucsiunregister() can occur after the remote processor and its communication link are gone, potentially leading to a NULL pointer dereference in pmicglink_send() (Kernel Patch). The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can result in a denial of service condition. The issue manifests as an error in the kernel log with the message 'ucsiglink.pmicglinkucsi pmicglink.ucsi.0: failed to send UCSI write request: -5' (Kernel Patch).

The issue has been fixed through a patch that moves the unregister operation out of atomic context and adds proper checks to avoid NULL pointer dereference. The fix includes scheduling the unregistration and implementing additional state checks to handle the communication link status (Kernel Patch). Users should update to Linux kernel version 6.10.8 or later to receive the fix.