CVE-2022-50494

Summary

In the Linux kernel, the following vulnerability has been resolved:

thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash

When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG:

BUG: using smp_processor_id() in preemptible [00000000] code: bash/15687 caller is debug_smp_processor_id+0x17/0x20 CPU: 4 PID: 15687 Comm: bash Not tainted 5.19.0-rc7+ #57 Call Trace: <TASK> dump_stack_lvl+0x49/0x63 dump_stack+0x10/0x16 check_preemption_disabled+0xdd/0xe0 debug_smp_processor_id+0x17/0x20 powerclamp_set_cur_state+0x7f/0xf9 [intel_powerclamp] … …

Here CPU 0 is the control CPU by default and changed to the current CPU, if CPU 0 offlined. This check has to be performed under cpus_read_lock(), hence the above warning.

Use get_cpu() instead of smp_processor_id() to avoid this BUG.

[ rjw: Subject edits ]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 3e799e815097febbcb81b472285be824f5d089f9affected
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 0f91f66c568b316b19cb042cf50584467b3bdff4affected
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 6904727db0eb62fb0c2dce1cf331c341d97ee4b7affected
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 5a646c38f648185ee2c62f2a19da3c6f04e27612affected
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 513943bf879d45005213e6f5cfb7d9e9943f589faffected
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 5614908434451aafbf9b24cb5247cf1d21269f76affected
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 6e2a347b304224b2aeb1c0ea000d1cf8a02cc592affected
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 418fae0700e85a498062424f8656435c32cdb200affected
LinuxLinuxd6d71ee4a14ae602db343ec48c491851d7ec5267 < 68b99e94a4a2db6ba9b31fe0485e057b9354a640affected
LinuxLinux3.9affected
LinuxLinux0 < 3.9unaffected
LinuxLinux4.9.331 <= 4.9.*unaffected
LinuxLinux4.14.296 <= 4.14.*unaffected
LinuxLinux4.19.262 <= 4.19.*unaffected
LinuxLinux5.4.220 <= 5.4.*unaffected
LinuxLinux5.10.150 <= 5.10.*unaffected
LinuxLinux5.15.75 <= 5.15.*unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References