CVE-2022-49964

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-10393-g7c2a8d3ac4c0

Description The issue arises from the incorrect assignment of a signed error value to an unsigned variable fw level in the Linux kernel's cacheinfo module for arm64 architecture. This occurs because the function acpi find last cache level() returns a signed value, which can be negative if no PPTT table is found, but this value is then assigned to the unsigned fw level. As a result, the number of cache leaves is calculated incorrectly, leading to a huge value that causes a warning from alloc pages due to an order greater than MAX ORDER. This warning is triggered during the execution of alloc pages+0x74/0x314 and is related to memory allocation.

Recommendations To resolve this issue, update the Linux kernel to a version where the fw level is changed to a signed integer, allowing for the correct handling of error values returned by acpi find last cache level(). Specifically, apply the fix introduced in commit 0c80f9e165f8 to ensure that errors are properly returned from init cache level() and that the fw level variable is signed to accommodate potential negative error values.