Linux Kernel Sleeping Function Called from Invalid Context Vulnerability in Kmemleak

Vulnerability

A vulnerability in the Linux kernel's kmemleak subsystem can lead to a warning about sleeping functions being called from an invalid context. This issue occurs under specific conditions: when the kernel is configured with real-time preemption, SELinux is active, kptr_restrict is set to 1, and the kmemleak buffer contains at least one item. The vulnerability arises because the kmemleak sequence reading function attempts to access certain capabilities, which can trigger the 'sleeping function called from invalid context' warning, particularly in real-time preemptive kernels.

Impact

The vulnerability can cause a kernel warning about improper context management, which may disrupt normal kernel operations and real-time processing.

Reproduction

To reproduce this vulnerability, enable the CONFIG_PREEMPT_RT option in the Linux kernel. Set SELinux as the Linux Security Module (LSM) for the system and adjust the kptr_restrict setting to 1. Then, ensure that the kmemleak buffer contains at least one item. When the kmemleak debug information is accessed, the 'sleeping function called from invalid context' warning will be triggered.

Remediation

The vulnerability has been addressed in the official Linux Git repository. Users should upgrade to a version that includes the latest patches.
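
To decide which hosts need the patched kernel first, the conditions listed under Reproduction can be checked without triggering the warning. The shell function below is an added example, not code from the advisory or the kernel project; the name `kmemleak_rt_exposure` is hypothetical, and it assumes the usual locations for the kernel config, securityfs, procfs and debugfs. It only tests that the kmemleak debugfs file exists, because reading that file is the access that produces the warning.

```shell
# Added example: report which of the advisory's preconditions hold on a host.
# kmemleak_rt_exposure is a hypothetical helper name, not a kernel tool.
# Usage: kmemleak_rt_exposure [ROOT] [KCONFIG]
#   ROOT    filesystem root to inspect (default /)
#   KCONFIG kernel config file (assumed default: ROOT/boot/config-<release>)
# Returns 0 when all four static preconditions are met, 1 otherwise.
kmemleak_rt_exposure() {
    root=${1:-/}; root=${root%/}
    kconfig=${2:-$root/boot/config-$(uname -r)}
    hits=0

    # 1. Real-time preemption built into the kernel.
    if [ -r "$kconfig" ] && grep -q '^CONFIG_PREEMPT_RT=y$' "$kconfig"; then
        echo "PREEMPT_RT:    yes"; hits=$((hits + 1))
    else
        echo "PREEMPT_RT:    no (or config not readable)"
    fi

    # 2. SELinux in the active LSM list (comma-separated, no trailing newline).
    lsm=$root/sys/kernel/security/lsm
    if [ -r "$lsm" ] && tr ',' '\n' < "$lsm" | grep -qx 'selinux'; then
        echo "SELinux LSM:   yes"; hits=$((hits + 1))
    else
        echo "SELinux LSM:   no (or securityfs not readable)"
    fi

    # 3. kptr_restrict set to 1.
    kr=$(cat "$root/proc/sys/kernel/kptr_restrict" 2>/dev/null) || kr=unknown
    echo "kptr_restrict: $kr"
    if [ "$kr" = "1" ]; then hits=$((hits + 1)); fi

    # 4. kmemleak interface present. Existence test only: the file is never
    #    read here. Run as root, or debugfs is not visible.
    if [ -e "$root/sys/kernel/debug/kmemleak" ]; then
        echo "kmemleak file: present"; hits=$((hits + 1))
    else
        echo "kmemleak file: absent (or debugfs not visible)"
    fi

    echo "preconditions met: $hits/4"
    [ "$hits" -eq 4 ]
}
```

Call `kmemleak_rt_exposure` as root with no arguments on the host under review. Whether the kmemleak buffer currently holds an item is not checked, so a result of 4/4 means the host should be patched, not that the warning has occurred.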

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.