Linux Kernel UIO Driver Missing Spinlock Unlock Vulnerability

Vulnerability

A vulnerability exists in the Linux kernel's UIO (Userspace I/O) subsystem, specifically within the 'uio_dmem_genirq' driver. This issue arises from a concurrency problem introduced by a previous commit, which altered how interrupts are disabled, leading to a spinlock not being properly released under certain conditions. The vulnerability can be reproduced by sending specific data to the UIO device, which triggers a scheduling issue while the system is in an atomic state, causing a kernel warning.

Impact

Exploitation of this vulnerability leads to a 'scheduling while atomic' bug: the system attempts to perform a task that requires waiting while it is in an atomic state that does not allow waiting. This can cause system instability or crashes.

Reproduction

The vulnerability can be reproduced by writing data to the '/dev/uio0' device. This action simulates a scenario where an interrupt disable request is made while the interrupt is already turned off, causing the spinlock to remain locked and creating a scheduling issue.
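
The missing-unlock path described above, reduced to a userspace C model (an added example, not the kernel driver's code or the upstream patch). The struct, the function names and the boolean standing in for the spinlock are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: 'held' stands in for the driver's spinlock. */
struct model_dev {
    bool held;         /* true while the modelled lock is taken */
    bool irq_disabled; /* true once the interrupt is turned off */
};

typedef void (*irqcontrol_fn)(struct model_dev *d, bool irq_on);

/* Flawed shape: the disable path unlocks only when it changes state. */
static void irqcontrol_flawed(struct model_dev *d, bool irq_on)
{
    d->held = true;                 /* lock */
    if (irq_on) {
        d->irq_disabled = false;
        d->held = false;            /* unlock */
    } else if (!d->irq_disabled) {
        d->irq_disabled = true;
        d->held = false;            /* unlock before the disable */
    }
    /* interrupt already off: returns with the lock still held */
}

/* Corrected shape: one unlock that every path reaches. */
static void irqcontrol_fixed(struct model_dev *d, bool irq_on)
{
    d->held = true;                 /* lock */
    d->irq_disabled = !irq_on;      /* same state change as above */
    d->held = false;                /* unlock on all paths */
}

/* Issue two disable requests in a row; report whether the lock leaked. */
static bool leaks_on_repeated_disable(irqcontrol_fn control)
{
    struct model_dev d = { .held = false, .irq_disabled = false };
    control(&d, false);
    control(&d, false);
    return d.held;
}

int main(void)
{
    printf("flawed leaks lock: %d\n", leaks_on_repeated_disable(irqcontrol_flawed));
    printf("fixed leaks lock:  %d\n", leaks_on_repeated_disable(irqcontrol_fixed));
    return 0;
}
```

When reviewing similar handlers, check that every return path after the lock is taken passes through an unlock.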

Remediation

The vulnerability has been addressed in upstream Linux kernel commits. Users should upgrade to a version that includes these patches.

Added: Dec 9, 2025, 2:12 AM
Updated: Dec 9, 2025, 2:12 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 1.4
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.