Linux Kernel Cpumask Handling Vulnerability in Topology Printing

Vulnerability

A vulnerability has been identified in the Linux kernel's handling of CPU masks during topology printing. The core_cpumask can be altered by CPU hotplug events while it is being printed, which leads to a mismatch between the expected and actual lengths of the formatted string inside the kvasprintf function. The vulnerability was discovered during fuzz testing, which triggered a warning about inconsistent return values from vsnprintf. The warning indicates that the core_cpumask was modified while it was being printed, causing the discrepancy.

Impact

Exploitation of this vulnerability could lead to incorrect CPU topology information being reported, potentially causing issues in systems that rely on accurate CPU mask data.

Remediation

The vulnerability has been addressed by modifying the cpumask handling to cache the cpumask in a temporary variable before printing, ensuring that it remains unchanged during the printing process.
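
The length mismatch and the snapshot fix described above can be reproduced in user space. The following C program is an added example, not kernel code and not the actual patch: mask_t, format_mask, print_two_pass and the unplug_cpu3 hook are assumed names, and the hotplug event is simulated deterministically between the two formatting passes.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef unsigned long mask_t;      /* constructed stand-in for a cpumask */
static mask_t core_mask = 0xF;     /* shared state: CPUs 0-3 present */
static void unplug_cpu3(void) { core_mask &= ~(1UL << 3); }  /* simulated hotplug */

/* snprintf()-style contract: returns the length needed, never overruns buf. */
static int format_mask(char *buf, size_t size, const mask_t *m)
{
    int len = 0;
    if (size) buf[0] = '\0';
    for (int cpu = 0; cpu < 32; cpu++) {
        size_t room = size > (size_t)len ? size - (size_t)len : 0;
        if ((*m >> cpu) & 1)
            len += snprintf(room ? buf + len : NULL, room, "%s%d", len ? "," : "", cpu);
    }
    return len;
}

/* Measure, allocate, format again (the kvasprintf() pattern). Returns 0 when
 * both passes agree on the length, -1 on mismatch or allocation failure. */
static int print_two_pass(const mask_t *m, void (*between)(void), char **out)
{
    int first = format_mask(NULL, 0, m);
    *out = malloc((size_t)first + 1);
    if (!*out) return -1;
    between();                     /* the event lands between the two passes */
    return format_mask(*out, (size_t)first + 1, m) == first ? 0 : -1;
}

/* Before: both passes read the live mask, so the lengths can disagree. */
static int print_live(char **out) { return print_two_pass(&core_mask, unplug_cpu3, out); }
/* After: both passes read a private copy, as the remediation describes. */
static int print_snapshot(char **out)
{
    mask_t tmp = core_mask;
    return print_two_pass(&tmp, unplug_cpu3, out);
}

int main(void)
{
    char *s;
    printf("live=%d\n", print_live(&s)); free(s);
    core_mask = 0xF;               /* restore the constructed starting state */
    printf("snapshot=%d\n", print_snapshot(&s)); free(s);
}
```

With the live mask the second pass produces a shorter string than the first pass measured; with the snapshot both passes see the same bits even though the shared mask still changes underneath.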

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.0
exploitability: 3.5
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.