CVE-2022-49709
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle
RCU_NONIDLE usage during __cfi_slowpath_diag can result in an invalid RCU state in the cpuidle code path:
WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcu_eqs_enter+0xe4/0x138 … Call trace: rcu_eqs_enter+0xe4/0x138 rcu_idle_enter+0xa8/0x100 cpuidle_enter_state+0x154/0x3a8 cpuidle_enter+0x3c/0x58 do_idle.llvm.6590768638138871020+0x1f4/0x2ec cpu_startup_entry+0x28/0x2c secondary_start_kernel+0x1b8/0x220 __secondary_switched+0x94/0x98
Instead, call rcu_irq_enter/exit to wake up RCU only when needed and disable interrupts for the entire CFI shadow/module check when we do.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | cf68fffb66d60d96209446bfc4a15291dc5a5d41 < 75f3a5fa2ad049c85ab5d5ee1ed9cfaa7e62c5ed | affected |
| Linux | Linux | cf68fffb66d60d96209446bfc4a15291dc5a5d41 < ca3897f2ac02ceae5e6fa794f83c36f9885b93da | affected |
| Linux | Linux | cf68fffb66d60d96209446bfc4a15291dc5a5d41 < 57cd6d157eb479f0a8e820fd36b7240845c8a937 | affected |
| Linux | Linux | 5.13 | affected |
| Linux | Linux | 0 < 5.13 | unaffected |
| Linux | Linux | 5.15.49 <= 5.15.* | unaffected |
| Linux | Linux | 5.18.6 <= 5.18.* | unaffected |
| Linux | Linux | 5.19 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/75f3a5fa2ad049c85ab5d5ee1ed9cfaa7e62c5ed
- https://git.kernel.org/stable/c/ca3897f2ac02ceae5e6fa794f83c36f9885b93da
- https://git.kernel.org/stable/c/57cd6d157eb479f0a8e820fd36b7240845c8a937
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.