CVE-2022-50494

In the Linux kernel, the following vulnerability has been resolved:

thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash

When CPU 0 is offline and intel_powerclamp is used to inject
idle, it generates kernel BUG:

BUG: using smp_processor_id() in preemptible [00000000] code: bash/15687
caller is debug_smp_processor_id+0x17/0x20
CPU: 4 PID: 15687 Comm: bash Not tainted 5.19.0-rc7+ #57
Call Trace:
<TASK>
dump_stack_lvl+0x49/0x63
dump_stack+0x10/0x16
check_preemption_disabled+0xdd/0xe0
debug_smp_processor_id+0x17/0x20
powerclamp_set_cur_state+0x7f/0xf9 [intel_powerclamp]
...
...

Here CPU 0 is the control CPU by default and changed to the current CPU,
if CPU 0 offlined. This check has to be performed under cpus_read_lock(),
hence the above warning.

Use get_cpu() instead of smp_processor_id() to avoid this BUG.

[ rjw: Subject edits ]
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.237-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.153-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.16.9-1
fixed
sid
6.16.9-1
fixed
References
https://git.kernel.org/stable/c/0f91f66c568b316b19cb042cf50584467b3bdff4
https://git.kernel.org/stable/c/3e799e815097febbcb81b472285be824f5d089f9
https://git.kernel.org/stable/c/418fae0700e85a498062424f8656435c32cdb200
https://git.kernel.org/stable/c/513943bf879d45005213e6f5cfb7d9e9943f589f
https://git.kernel.org/stable/c/5614908434451aafbf9b24cb5247cf1d21269f76
https://git.kernel.org/stable/c/5a646c38f648185ee2c62f2a19da3c6f04e27612
https://git.kernel.org/stable/c/68b99e94a4a2db6ba9b31fe0485e057b9354a640
https://git.kernel.org/stable/c/6904727db0eb62fb0c2dce1cf331c341d97ee4b7
https://git.kernel.org/stable/c/6e2a347b304224b2aeb1c0ea000d1cf8a02cc592