{
  "threat_severity" : "Low",
  "public_date" : "2025-02-26T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: tracing: Fix sleeping function called from invalid context on RT kernel",
    "id" : "2347717",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2347717"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-667",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\ntracing: Fix sleeping function called from invalid context on RT kernel\nWhen setting bootparams=\"trace_event=initcall:initcall_start tp_printk=1\" in the\ncmdline, the output_printk() was called, and the spin_lock_irqsave() was called in the\natomic and irq disable interrupt context situation. On the PREEMPT_RT kernel,\nthese locks are replaced with sleepable rt-spinlock, so the stack calltrace will\nbe triggered.\nFix it by raw_spin_lock_irqsave when PREEMPT_RT and \"trace_event=initcall:initcall_start\ntp_printk=1\" enabled.\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper/0\npreempt_count: 2, expected: 0\nRCU nest depth: 0, expected: 0\nPreemption disabled at:\n[<ffffffff8992303e>] try_to_wake_up+0x7e/0xba0\nCPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.17.1-rt17+ #19 34c5812404187a875f32bee7977f7367f9679ea7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n<TASK>\ndump_stack_lvl+0x60/0x8c\ndump_stack+0x10/0x12\n__might_resched.cold+0x11d/0x155\nrt_spin_lock+0x40/0x70\ntrace_event_buffer_commit+0x2fa/0x4c0\n? map_vsyscall+0x93/0x93\ntrace_event_raw_event_initcall_start+0xbe/0x110\n? perf_trace_initcall_finish+0x210/0x210\n? probe_sched_wakeup+0x34/0x40\n? ttwu_do_wakeup+0xda/0x310\n? trace_hardirqs_on+0x35/0x170\n? map_vsyscall+0x93/0x93\ndo_one_initcall+0x217/0x3c0\n? trace_event_raw_event_initcall_level+0x170/0x170\n? push_cpu_stop+0x400/0x400\n? cblist_init_generic+0x241/0x290\nkernel_init_freeable+0x1ac/0x347\n? _raw_spin_unlock_irq+0x65/0x80\n? rest_init+0xf0/0xf0\nkernel_init+0x1e/0x150\nret_from_fork+0x22/0x30\n</TASK>" ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2394",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.13.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2394",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.13.1.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-49322\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49322\nhttps://lore.kernel.org/linux-cve-announce/2025022637-CVE-2022-49322-b0f0@gregkh/T" ],
  "name" : "CVE-2022-49322",
  "csaw" : false
}