Linux Kernel CPU Information Handling Warning Resolution Vulnerability

A warning vulnerability has been identified in the Linux kernel's handling of CPU information, specifically in versions prior to 5.19. This issue arises when both CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are enabled. Under these conditions, the 'cpu_max_bits_warn()' function triggers a runtime warning while '/proc/cpuinfo' is being displayed. The warning occurs because the kernel iterates over CPUs using a constant maximum (NR_CPUS) instead of the actual number of available CPUs (nr_cpu_ids). This vulnerability can be reproduced by enabling the aforementioned configurations and then accessing the CPU information via the proc filesystem, which will generate a warning about the CPU mask handling.

Impact

Exploitation of this vulnerability leads to unnecessary runtime warnings, which can clutter system logs and potentially mask more serious issues.

Reproduction

To reproduce this vulnerability, compile the Linux kernel with the 'CONFIG_CPUMASK_OFFSTACK' and 'CONFIG_DEBUG_PER_CPU_MAPS' options enabled. After booting into this kernel, the 'cpu_max_bits_warn()' function will generate a warning when '/proc/cpuinfo' is accessed, indicating that the CPU information handling is not properly aligned with the actual number of CPUs available.

Remediation

This vulnerability has been addressed in the Linux kernel stable tree. Users can upgrade to the latest version to apply the fix.