Bug 2348271 (CVE-2022-49709) - CVE-2022-49709 kernel: cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle
Summary: CVE-2022-49709 kernel: cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle
Keywords:
Status: NEW
Alias: CVE-2022-49709
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-02-26 03:23 UTC by OSIDB Bzimport
Modified: 2025-02-26 16:11 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-02-26 03:23:38 UTC 
In the Linux kernel, the following vulnerability has been resolved:

cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle

RCU_NONIDLE usage during __cfi_slowpath_diag can result in an invalid
RCU state in the cpuidle code path:

  WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcu_eqs_enter+0xe4/0x138
  ...
  Call trace:
    rcu_eqs_enter+0xe4/0x138
    rcu_idle_enter+0xa8/0x100
    cpuidle_enter_state+0x154/0x3a8
    cpuidle_enter+0x3c/0x58
    do_idle.llvm.6590768638138871020+0x1f4/0x2ec
    cpu_startup_entry+0x28/0x2c
    secondary_start_kernel+0x1b8/0x220
    __secondary_switched+0x94/0x98

Instead, call rcu_irq_enter/exit to wake up RCU only when needed and
disable interrupts for the entire CFI shadow/module check when we do.
Comment 1 Avinash Hanwate 2025-02-26 11:31:19 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022630-CVE-2022-49709-f834@gregkh/T
Comment 4 Avinash Hanwate 2025-02-26 16:00:11 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022630-CVE-2022-49709-f834@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.