PT-2022-7516 · Linux+5 · Linux Kernel+5
Published: 2022-01-26 · Updated: 2026-03-14
CVE-2022-48765
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.17.0-rc1+ #5
Description
The issue is in the Kernel-based Virtual Machine (KVM) component of the Linux kernel. It can be triggered by not exposing tsc-deadline mode and rebooting the guest system. The lapic_shutdown() function, which is called in the sys_reboot path, does not disarm the in-flight timer; it only masks LVTT. This can lead to a timer-mode switch between tsc-deadline and oneshot/periodic modes, resulting in the preemption timer being cancelled in apic_update_lvtt(). The vulnerability can cause a denial of service.
Recommendations
To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, for versions prior to 5.17.0-rc1+ #5, update to a newer version that includes the patch "KVM: LAPIC: Also cancel preemption timer during SET_LAPIC".
As a temporary workaround, consider disabling the lapic_shutdown() function or restricting the use of the KVM component until a patch is available. However, this may have significant performance implications and should be carefully evaluated before implementation.
At the moment, there is no information about other workarounds or configuration changes that can mitigate this issue without updating the kernel.
Exploit
Fix
Improper Resource Release
Related Identifiers
Affected Products
Centos
Debian
Linux Kernel
Red Hat
Red Os
Suse