CVE-2022-49001
Severity CVSS v4.0:
Pending analysis
Type:
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
21/10/2024
Last modified:
30/10/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
riscv: fix race when vmap stack overflow<br />
<br />
Currently, when detecting vmap stack overflow, riscv firstly switches<br />
to the so called shadow stack, then use this shadow stack to call the<br />
get_overflow_stack() to get the overflow stack. However, there&#39;s<br />
a race here if two or more harts use the same shadow stack at the same<br />
time.<br />
<br />
To solve this race, we introduce spin_shadow_stack atomic var, which<br />
will be swap between its own address and 0 in atomic way, when the<br />
var is set, it means the shadow_stack is being used; when the var<br />
is cleared, it means the shadow_stack isn&#39;t being used.<br />
<br />
[Palmer: Add AQ to the swap, and also some comments.]
Impact
Base Score 3.x
7.00
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.14 (including) | 5.15.82 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.0.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page