PT-2025-18499 · Linux+1 · Linux Kernel+1
Published: 2022-11-08 · Updated: 2025-05-02
CVE-2022-49782
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.1.0-rc2-syzkaller-00073-g88619e77b33d
Description
A vulnerability related to missing SIGTRAP checking has been resolved in the Linux kernel. Some events that are not associated with progress in the user space task can fire, and the interrupt handler can run again before the IRQ work meant to consume pending_sigtrap. The kernel then re-enters the handler and triggers a warning. The issue was identified by syzbot, which produced a program with event type PERF_TYPE_SOFTWARE and config PERF_COUNT_SW_CPU_CLOCK: the hrtimer manages to fire again before the IRQ work gets a chance to run, all while never having returned to user space. The warning has been improved to check for real progress in user space by storing a 32-bit hash of the current IP into pending_sigtrap.
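The difference between the old and the improved warning condition, as an added user-space model (not the kernel's code and not part of the original advisory). The struct, the function names and the hash function are hypothetical stand-ins; only the idea of storing a 32-bit hash of the IP in pending_sigtrap comes from the description above.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of one perf event; names are hypothetical. */
struct model_event {
    uint32_t pending_sigtrap;   /* 0 = no SIGTRAP pending */
};

/* Stand-in 32-bit hash of an instruction pointer (not the kernel's hash).
 * Never returns 0, so a stored value always differs from "nothing pending". */
static uint32_t ip_hash32(uint64_t ip)
{
    uint32_t h = (uint32_t)((ip ^ (ip >> 32)) * 0x9E3779B1u);
    return h ? h : 1;
}

/* Old condition: any overflow while a SIGTRAP is still pending warns.
 * Returns true when the warning would fire. */
static bool overflow_old(struct model_event *e, uint64_t ip)
{
    (void)ip;
    if (!e->pending_sigtrap) { e->pending_sigtrap = 1; return false; }
    return true;
}

/* Improved condition: warn only when the IP hash changed, i.e. the task
 * made progress in user space without the pending SIGTRAP being consumed. */
static bool overflow_new(struct model_event *e, uint64_t ip)
{
    uint32_t id = ip_hash32(ip);
    if (!e->pending_sigtrap) { e->pending_sigtrap = id; return false; }
    return e->pending_sigtrap != id;
}

/* Models the IRQ work that consumes the pending SIGTRAP. */
static void irq_work_consume(struct model_event *e) { e->pending_sigtrap = 0; }

int main(void)
{
    struct model_event a = {0}, b = {0};
    uint64_t ip = 0x401000;     /* constructed sample user-space IP */

    overflow_old(&a, ip);       /* first hrtimer tick: marks pending */
    overflow_new(&b, ip);
    /* Second tick before the IRQ work ran, same IP (no user progress). */
    printf("old warns: %d, new warns: %d\n", overflow_old(&a, ip), overflow_new(&b, ip));
    irq_work_consume(&b);
    return 0;
}
```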
Recommendations
To resolve the issue, update the Linux kernel to a version that includes the fix for the missing SIGTRAP checking vulnerability.
As a temporary workaround, consider disabling the perf_event_overflow() function until a patch is available.
Restrict access to the vulnerable perf_swevent_hrtimer() function to minimize the risk of exploitation.
Avoid using the pending_sigtrap variable in the affected API endpoint until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Uncontrolled Recursion
Stack Overflow
Related Identifiers
Affected Products
Astra Linux
Linux Kernel