Linux Kernel Vulnerability Impacting RCU State Management
CVE-2022-49709
Summary
A vulnerability in the Linux kernel's management of Read-Copy-Update (RCU) state can leave RCU in an invalid state in the cpuidle code path. Specifically, the use of RCU_NONIDLE in the __cfi_slowpath_diag function, a context where it is not appropriate, can trigger kernel warnings and potential instability, leading to unsafe kernel behavior and impacting system performance. The correct approach is to use rcu_irq_enter/exit to manage RCU wake-ups efficiently, with interrupts properly disabled during the shadow/module checks.
Affected Version(s)
Linux cf68fffb66d60d96209446bfc4a15291dc5a5d41 < 75f3a5fa2ad049c85ab5d5ee1ed9cfaa7e62c5ed
Linux cf68fffb66d60d96209446bfc4a15291dc5a5d41
Linux cf68fffb66d60d96209446bfc4a15291dc5a5d41 < 57cd6d157eb479f0a8e820fd36b7240845c8a937