CVE-2022-48689

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the issue.

Description The issue is related to the misuse of pfmemalloc page status in TCP zerocopy paths. Using page is pfmemalloc() in this context can give false positives. The problem is more probable after a specific commit that added a signature in the struct page, causing page is pfmemalloc() to use a low-order bit from page->lru.next, which can change more often than page->index. The KCSAN report is mostly a false positive because the low-order bit should never be set for lru.next when used as an anchor in the LRU list.

Recommendations To resolve the issue, backport the commit 84ce071e38a6 ("net: introduce skb fill page desc noacc") as a prerequisite. This change removes the use of page is pfmemalloc() in the TCP zerocopy path, thus preventing the potential misuse and related issues. Apply this backport to ensure the stability and security of the Linux kernel.