CVE-2022-48752

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0-rc5-03218-g798527287598

Description: The vulnerability is related to the powerpc/perf component of the Linux kernel. It is caused by an error in the power pmu disable function, which can lead to a situation where the MSR EE flag is set (interrupt enabled) when a PMC overflow is detected. This can happen because the function runs under interrupt soft disable condition (local irq save) and not with interrupts hard disabled. The issue can be exploited to cause a denial of service.

Recommendations: To resolve the issue, update the Linux kernel to a version that includes the fix for the powerpc/perf vulnerability. Specifically, update to a version that includes the commit 2c9ac51b850d ("powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC").

As a temporary workaround, consider disabling the power pmu disable function until a patch is available. However, this may have performance implications and should be carefully evaluated before implementation.

Note: The provided information does not specify the exact version that includes the fix, so it is recommended to update to the latest available version of the Linux kernel.