In the Linux kernel, the following vulnerability has been resolved:
media: hi846: fix usage of pm_runtime_get_if_in_use()
pm_runtime_get_if_in_use() does not only return nonzero values when the device is in use, it can return a negative errno too.
And especially during resuming from system suspend, when runtime pm is not yet up again, -EAGAIN is being returned, so the subsequent pm_runtime_put() call results in a refcount underflow.
Fix system-resume by handling -EAGAIN of pm_runtime_get_if_in_use().
Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:NI:NA:H5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H