Linux Kernel Intel Powerclamp Thermal Driver Crash Vulnerability

A vulnerability in the Linux kernel's intel_powerclamp thermal driver can lead to a system crash. This issue occurs when CPU 0 is offline and the driver is used to inject idle time, causing a kernel bug. The problem arises from using 'smp_processor_id()' in preemptible code, which can generate a kernel panic. The vulnerability affects several versions of the Linux kernel, including 5.19.0-rc7+.

Impact

The vulnerability can cause a kernel crash, disrupting system operations and potentially leading to a denial of service.

Reproduction

To reproduce this vulnerability, take the following steps: 1. Ensure that CPU 0 is offline. 2. Use the intel_powerclamp thermal driver to inject idle time. 3. Observe that the system generates a kernel bug due to the improper handling of the processor ID in preemptible code, leading to a crash.

Remediation

The vulnerability has been addressed by modifying the intel_powerclamp driver to use 'get_cpu()' instead of 'smp_processor_id()'. Users should update to the latest version of the Linux kernel where this fix has been applied.