CVE-2022-49090

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the initialization of topology for core scheduling on Arm64 systems. The issue arises when the store cpu topology() function fails to correctly set up the smt mask, leading to a mismatch between the actual topology and the core scheduling data structures. This can cause a warning and a crash, particularly when running stress-ng tests that enable core scheduling. The problem occurs because rq->core is not correctly set for non-leader CPUs, resulting in a NULL pointer dereference.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.