CVE-2022-50296

Summary

In the Linux kernel, the following vulnerability has been resolved:

UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK

When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected, cpu_max_bits_warn() generates a runtime warning similar as below while we show /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs.

[ 3.052463] ————[ cut here ]———— [ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f0 [ 3.070072] Modules linked in: efivarfs autofs4 [ 3.076257] CPU: 0 PID: 1 Comm: systemd Not tainted 5.19-rc5+ #1052 [ 3.099465] Stack : 9000000100157b08 9000000000f18530 9000000000cf846c 9000000100154000 [ 3.109127] 9000000100157a50 0000000000000000 9000000100157a58 9000000000ef7430 [ 3.118774] 90000001001578e8 0000000000000040 0000000000000020 ffffffffffffffff [ 3.128412] 0000000000aaaaaa 1ab25f00eec96a37 900000010021de80 900000000101c890 [ 3.138056] 0000000000000000 0000000000000000 0000000000000000 0000000000aaaaaa [ 3.147711] ffff8000339dc220 0000000000000001 0000000006ab4000 0000000000000000 [ 3.157364] 900000000101c998 0000000000000004 9000000000ef7430 0000000000000000 [ 3.167012] 0000000000000009 000000000000006c 0000000000000000 0000000000000000 [ 3.176641] 9000000000d3de08 9000000001639390 90000000002086d8 00007ffff0080286 [ 3.186260] 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c [ 3.195868] … [ 3.199917] Call Trace: [ 3.203941] [<90000000002086d8>] show_stack+0x38/0x14c [ 3.210666] [<9000000000cf846c>] dump_stack_lvl+0x60/0x88 [ 3.217625] [<900000000023d268>] __warn+0xd0/0x100 [ 3.223958] [<9000000000cf3c90>] warn_slowpath_fmt+0x7c/0xcc [ 3.231150] [<9000000000210220>] show_cpuinfo+0x5e8/0x5f0 [ 3.238080] [<90000000004f578c>] seq_read_iter+0x354/0x4b4 [ 3.245098] [<90000000004c2e90>] new_sync_read+0x17c/0x1c4 [ 3.252114] [<90000000004c5174>] vfs_read+0x138/0x1d0 [ 3.258694] [<90000000004c55f8>] ksys_read+0x70/0x100 [ 3.265265] [<9000000000cfde9c>] do_syscall+0x7c/0x94 [ 3.271820] [<9000000000202fe4>] handle_syscall+0xc4/0x160 [ 3.281824] —[ end trace 8b484262b4b8c24c ]—

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8f96aa67c2ccbd7e41b8dc992b8d13cfe206d571affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < dbd964a733db015bbb9dff592c259c736398140faffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 844748412be03a236dcf4a208b588162a275e189affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < cd251d39b13485eb94ee65bb000d024e02c00e45affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6a73e6edcbf3cdd82796dcdf0c0f5fe5d91021afaffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7efe61dc6aa45aab8a40e304fa2dae21e33b0db4affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5177bdc38eaa1c1ca6302214ab06913540cd00a2affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2e3863cc02c156b51b50592d43ffa6a13b680b0daffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 16c546e148fa6d14a019431436a6f7b4087dbccdaffected
LinuxLinux2.6.12affected
LinuxLinux0 < 2.6.12unaffected
LinuxLinux4.9.331 <= 4.9.*unaffected
LinuxLinux4.14.296 <= 4.14.*unaffected
LinuxLinux4.19.262 <= 4.19.*unaffected
LinuxLinux5.4.220 <= 5.4.*unaffected
LinuxLinux5.10.150 <= 5.10.*unaffected
LinuxLinux5.15.75 <= 5.15.*unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References