CVE-2024-49926

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()<br /> <br /> For kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids is<br /> defined as NR_CPUS instead of the number of possible cpus, this<br /> will cause the following system panic:<br /> <br /> smpboot: Allowing 4 CPUs, 0 hotplug CPUs<br /> ...<br /> setup_percpu: NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:512 nr_node_ids:1<br /> ...<br /> BUG: unable to handle page fault for address: ffffffff9911c8c8<br /> Oops: 0000 [#1] PREEMPT SMP PTI<br /> CPU: 0 PID: 15 Comm: rcu_tasks_trace Tainted: G W<br /> 6.6.21 #1 5dc7acf91a5e8e9ac9dcfc35bee0245691283ea6<br /> RIP: 0010:rcu_tasks_need_gpcb+0x25d/0x2c0<br /> RSP: 0018:ffffa371c00a3e60 EFLAGS: 00010082<br /> CR2: ffffffff9911c8c8 CR3: 000000040fa20005 CR4: 00000000001706f0<br /> Call Trace:<br /> <br /> ? __die+0x23/0x80<br /> ? page_fault_oops+0xa4/0x180<br /> ? exc_page_fault+0x152/0x180<br /> ? asm_exc_page_fault+0x26/0x40<br /> ? rcu_tasks_need_gpcb+0x25d/0x2c0<br /> ? __pfx_rcu_tasks_kthread+0x40/0x40<br /> rcu_tasks_one_gp+0x69/0x180<br /> rcu_tasks_kthread+0x94/0xc0<br /> kthread+0xe8/0x140<br /> ? __pfx_kthread+0x40/0x40<br /> ret_from_fork+0x34/0x80<br /> ? __pfx_kthread+0x40/0x40<br /> ret_from_fork_asm+0x1b/0x80<br /> <br /> <br /> Considering that there may be holes in the CPU numbers, use the<br /> maximum possible cpu number, instead of nr_cpu_ids, for configuring<br /> enqueue and dequeue limits.<br /> <br /> [ neeraj.upadhyay: Fix htmldocs build error reported by Stephen Rothwell ]