In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global '__scm' on probe failures If SCM driver fails the probe, it should not leave global '__scm' variable assigned, because external users of this driver will assume the probe finished successfully. For example TZMEM parts ('__scm->mempool') are initialized later in the probe, but users of it (__scm_smc_call()) rely on the '__scm' variable. This fixes theoretical NULL pointer exception, triggered via introducing probe deferral in SCM driver with call trace: qcom_tzmem_alloc+0x70/0x1ac (P) qcom_tzmem_alloc+0x64/0x1ac (L) qcom_scm_assign_mem+0x78/0x194 qcom_rmtfs_mem_probe+0x2d4/0x38c platform_probe+0x68/0xc8
6.11.0-12.136.11.0-13.146.11.0-14.156.11.0-18.186.11.0-19.196.11.0-21.216.11.0-24.246.11.0-25.256.11.0-7.76.11.0-8.8+2 more6.11.0-26.266.5.0-9.95.3.0-18.195.3.0-24.265.4.0-9.124.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-2.166.11.0-8.86.12.0-12.126.12.0-15.156.12.0-16.166.14.0-7.75.13.0-19.194.13.0-16.193.11.0-12.195.19.0-1007.7~22.04.15.19.0-1009.9~22.04.15.19.0-1010.10~22.04.15.19.0-1011.11~22.04.15.19.0-1012.12~22.04.15.19.0-1013.13~22.04.15.19.0-1014.14~22.04.15.19.0-1015.15~22.04.16.11.0-1002.26.11.0-1004.46.11.0-1005.56.11.0-1006.66.11.0-1007.76.11.0-1008.86.11.0-1009.106.11.0-1010.116.11.0-1011.126.11.0-1012.13+2 more6.11.0-1014.15