Linux Kernel LoongArch CPU Information Runtime Warning Vulnerability

A vulnerability in the Linux kernel's handling of CPU information for LoongArch architecture has been addressed. When both CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are enabled, the 'cpu_max_bits_warn()' function triggers a runtime warning while '/proc/cpuinfo' is being displayed. This issue arises because the function iterates over CPUs using the constant 'NR_CPUS', which does not reflect the actual number of available CPUs at runtime. The vulnerability has been resolved by modifying the iteration to use 'nr_cpu_ids', the accurate runtime limit.

Impact

The vulnerability could lead to unnecessary runtime warnings, potentially obscuring other important system messages. However, it does not appear to introduce any critical security risks or system instability.

Reproduction

To reproduce this vulnerability, configure the Linux kernel with both 'CONFIG_CPUMASK_OFFSTACK' and 'CONFIG_DEBUG_PER_CPU_MAPS' options enabled. Then, boot the system and execute a command that reads '/proc/cpuinfo'. This will trigger the 'cpu_max_bits_warn()' warning, indicating the presence of the vulnerability.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. Consult the Linux kernel changelog or update documentation for specific instructions.