CVE-2022-48922

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.17.0-rc1-00233-g9a20c48d1ed2

Description The issue is related to the riscv component of the Linux kernel, where the trace hardirqs {on,off}() functions require the caller to set up the frame pointer properly. If the $fp register is used for another purpose, the code generated by the CALLER ADDR1 macro could trigger a memory access fault, leading to a kernel NULL pointer dereference. The problem arises because the $fp register is not used as a frame pointer in the assembly entry code.

Recommendations To resolve the issue, an extra level wrapper has been added for the trace hardirqs {on,off}() functions so they can be safely called by low-level entry code. As a temporary workaround, consider disabling the trace hardirqs {on,off}() functions until a patch is available. However, since the provided information does not specify the exact versions that are fixed, it is recommended to update to the latest version of the Linux kernel to ensure the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.