Linux Kernel Debug Objects Kswapd Wake-Up Vulnerability

A vulnerability in the Linux kernel's debug objects handling has been addressed. The issue arose because the allocation from debug objects used GFP_ATOMIC, which includes __GFP_HIGH and __GFP_KSWAPD_RECLAIM. This combination attempts to wake up kswapd, leading to a lock acquisition that could cause deadlocks if fill_pool() is called with other locks held. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability could cause a deadlock by improperly waking up the kswapd process, which acquires a lock that could conflict with other held locks, disrupting normal operation.

Reproduction

The vulnerability can be reproduced by triggering the fill_pool() function in the debug objects subsystem while other locks are held. This can be done by using a syzkaller fuzzer, which will report the lock dependency warning that indicates the vulnerability.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree, where this vulnerability has been fixed.