UBUNTU-CVE-2022-49034

Description

In the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are selected, cpu_max_bits_warn() generates a runtime warning similar as below when showing /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs. [ 3.052463] ------------[ cut here ]------------ [ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f0 [ 3.070072] Modules linked in: efivarfs autofs4 [ 3.076257] CPU: 0 PID: 1 Comm: systemd Not tainted 5.19-rc5+ #1052 [ 3.099465] Stack : 9000000100157b08 9000000000f18530 9000000000cf846c 9000000100154000 [ 3.109127] 9000000100157a50 0000000000000000 9000000100157a58 9000000000ef7430 [ 3.118774] 90000001001578e8 0000000000000040 0000000000000020 ffffffffffffffff [ 3.128412] 0000000000aaaaaa 1ab25f00eec96a37 900000010021de80 900000000101c890 [ 3.138056] 0000000000000000 0000000000000000 0000000000000000 0000000000aaaaaa [ 3.147711] ffff8000339dc220 0000000000000001 0000000006ab4000 0000000000000000 [ 3.157364] 900000000101c998 0000000000000004 9000000000ef7430 0000000000000000 [ 3.167012] 0000000000000009 000000000000006c 0000000000000000 0000000000000000 [ 3.176641] 9000000000d3de08 9000000001639390 90000000002086d8 00007ffff0080286 [ 3.186260] 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c [ 3.195868] ... [ 3.199917] Call Trace: [ 3.203941] [<90000000002086d8>] show_stack+0x38/0x14c [ 3.210666] [<9000000000cf846c>] dump_stack_lvl+0x60/0x88 [ 3.217625] [<900000000023d268>] __warn+0xd0/0x100 [ 3.223958] [<9000000000cf3c90>] warn_slowpath_fmt+0x7c/0xcc [ 3.231150] [<9000000000210220>] show_cpuinfo+0x5e8/0x5f0 [ 3.238080] [<90000000004f578c>] seq_read_iter+0x354/0x4b4 [ 3.245098] [<90000000004c2e90>] new_sync_read+0x17c/0x1c4 [ 3.252114] [<90000000004c5174>] vfs_read+0x138/0x1d0 [ 3.258694] [<90000000004c55f8>] ksys_read+0x70/0x100 [ 3.265265] [<9000000000cfde9c>] do_syscall+0x7c/0x94 [ 3.271820] [<9000000000202fe4>] handle_syscall+0xc4/0x160 [ 3.281824] ---[ end trace 8b484262b4b8c24c ]---

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• ubuntu•linux

  all | < 5.4.0-211.231 | < 5.15.0-135.146 | < 6.8.0-58.60

• ubuntu•linux-allwinner-5.19

  all

• ubuntu•linux-aws

  all | < 5.4.0-1142.152 | < 5.15.0-1080.87 | < 6.8.0-1027.29

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.11

  all

• ubuntu•linux-aws-5.13

  all

• ubuntu•linux-aws-5.15

  < 5.15.0-1080.87~20.04.1

• ubuntu•linux-aws-5.19

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.4

  < 5.4.0-1142.152~18.04.1

• ubuntu•linux-aws-5.8

  all

• ubuntu•linux-aws-6.2

  all

• ubuntu•linux-aws-6.5

  all

• ubuntu•linux-aws-6.8

  < 6.8.0-1027.29~22.04.1

• ubuntu•linux-aws-fips

  all | < 5.4.0-1142.153+fips1 | < 5.15.0-1080.87+fips1

• ubuntu•linux-aws-hwe

  all

• ubuntu•linux-azure

  all | all | < 5.4.0-1147.154 | < 5.15.0-1084.93 | < 6.8.0-1027.32

• ubuntu•linux-azure-4.15

  all

• ubuntu•linux-azure-5.11

  all

• ubuntu•linux-azure-5.13

  all

• ubuntu•linux-azure-5.15

  < 5.15.0-1086.95~20.04.1

• ubuntu•linux-azure-5.19

  all

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.4

  < 5.4.0-1147.154~18.04.1

• ubuntu•linux-azure-5.8

  all

• ubuntu•linux-azure-6.11

  < 6.11.0-1012.12~24.04.1

• ubuntu•linux-azure-6.2

  all

• ubuntu•linux-azure-6.5

  all

• ubuntu•linux-azure-6.8

  < 6.8.0-1027.32~22.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde

  all | all

• ubuntu•linux-azure-fde-5.15

  all

• ubuntu•linux-azure-fde-5.19

  all

• ubuntu•linux-azure-fde-6.2

  all

• ubuntu•linux-azure-fips

  all | < 5.4.0-1147.154+fips1 | < 5.15.0-1083.92+fips1

• ubuntu•linux-azure-nvidia

  < 6.8.0-1014.15

• ubuntu•linux-bluefield

  < 5.15.0-1062.64 | < 5.4.0-1101.108 | < 5.15.0-1062.64 | all

• ubuntu•linux-fips

  all | < 5.4.0-1116.126 | < 5.15.0-135.146+fips1 | < 6.8.0-78.78+fips1

• ubuntu•linux-gcp

  all | all | < 5.4.0-1145.154 | < 5.15.0-1079.88 | < 6.8.0-1028.30

• ubuntu•linux-gcp-4.15

  all

• ubuntu•linux-gcp-5.11

  all

• ubuntu•linux-gcp-5.13

  all

• ubuntu•linux-gcp-5.15

  < 5.15.0-1081.90~20.04.1

• ubuntu•linux-gcp-5.19

  all

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.4

  < 5.4.0-1145.154~18.04.1

• ubuntu•linux-gcp-5.8

  all

• ubuntu•linux-gcp-6.11

  < 6.11.0-1011.11~24.04.1

• ubuntu•linux-gcp-6.2

  all

• ubuntu•linux-gcp-6.5

  all

Showing first 50 affected entries in server-rendered view.

References (46)

• https://ubuntu.com/security/CVE-2022-49034
• https://www.cve.org/CVERecord?id=CVE-2022-49034
• https://git.kernel.org/linus/3c891f7c6a4e90bb1199497552f24b26e46383bc
• https://git.kernel.org/stable/c/09faf32c682ea4a547200b8b9e04d8b3c8e84b55
• https://git.kernel.org/stable/c/2b6b8e011fab680a223b5e07a3c64774156ec6fe
• https://git.kernel.org/stable/c/39373f6f89f52770a5405d30dddd08a27d097872
• https://git.kernel.org/stable/c/3c891f7c6a4e90bb1199497552f24b26e46383bc
• https://git.kernel.org/stable/c/701e32900683378d93693fec15d133e2c5f7ada2
• https://git.kernel.org/stable/c/77755dc95ff2f9a3e473acc1e039f498629949ea
• https://git.kernel.org/stable/c/8fbb57eabfc8ae67115cb47f904614c99d626a89
• https://git.kernel.org/stable/c/e2b91997db286a5dd3cca6d5d9c20004851f22eb
• https://git.kernel.org/stable/c/f8f26cf69003a37ffa947631fc0e6fe6daee624a
• https://ubuntu.com/security/notices/USN-7276-1
• https://ubuntu.com/security/notices/USN-7277-1
• https://ubuntu.com/security/notices/USN-7310-1
• https://ubuntu.com/security/notices/USN-7387-1
• https://ubuntu.com/security/notices/USN-7388-1
• https://ubuntu.com/security/notices/USN-7389-1
• https://ubuntu.com/security/notices/USN-7390-1
• https://ubuntu.com/security/notices/USN-7387-2
• https://ubuntu.com/security/notices/USN-7387-3
• https://ubuntu.com/security/notices/USN-7391-1
• https://ubuntu.com/security/notices/USN-7392-1
• https://ubuntu.com/security/notices/USN-7393-1
• https://ubuntu.com/security/notices/USN-7392-2
• https://ubuntu.com/security/notices/USN-7392-3
• https://ubuntu.com/security/notices/USN-7401-1
• https://ubuntu.com/security/notices/USN-7392-4
• https://ubuntu.com/security/notices/USN-7407-1
• https://ubuntu.com/security/notices/USN-7413-1
• https://ubuntu.com/security/notices/USN-7421-1
• https://ubuntu.com/security/notices/USN-7449-1
• https://ubuntu.com/security/notices/USN-7450-1
• https://ubuntu.com/security/notices/USN-7451-1
• https://ubuntu.com/security/notices/USN-7452-1
• https://ubuntu.com/security/notices/USN-7453-1
• https://ubuntu.com/security/notices/USN-7458-1
• https://ubuntu.com/security/notices/USN-7459-1
• https://ubuntu.com/security/notices/USN-7463-1
• https://ubuntu.com/security/notices/USN-7449-2
• https://ubuntu.com/security/notices/USN-7459-2
• https://ubuntu.com/security/notices/USN-7468-1
• https://ubuntu.com/security/notices/USN-7523-1
• https://ubuntu.com/security/notices/USN-7524-1
• https://ubuntu.com/security/notices/USN-7539-1
• https://ubuntu.com/security/notices/USN-7540-1