PT-2025-53967 · Linux · Linux Kernel
Published 2022-12-05 · Updated 2026-02-24 · CVE-2022-50849
CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.15.67-10882-ge4eb2eb988cd #1 baa443fb8e8477896a370b31a821eb2009f9bfba
Description
An issue exists in the Linux kernel's pstore component. Specifically, running 'cat /proc/kcore > /dev/null' on devices utilizing pstore with the ram backend can trigger an oops. This occurs because kmap_atomic() incorrectly assumes lowmem pages are accessible with __va(). The root cause involves memblock reserving pages for the ramoops reserved memory node during early boot, which pstore's ram backend then reuses with vmap(). When read_kcore() iterates over the vmalloc region, it encounters virtual addresses returned by vmap() for ramoops. The kmap_atomic() function then attempts to access these pages as lowmem, leading to an oops. The issue is addressed by passing VM_IOREMAP to vmap(), preventing the ramoops region from being included in kcore.
Recommendations
Update to Linux kernel version 5.15.67-10882-ge4eb2eb988cd #1 baa443fb8e8477896a370b31a821eb2009f9bfba or a later version.
Exploit
Fix
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel