Linux Kernel Preempt-RT Unsafe Locking Vulnerability in Scheduler Extension

Vulnerability

A vulnerability has been identified in the Linux kernel's scheduler extension, affecting kernels built with the CONFIG_PREEMPT_RT option enabled. With that option, dump_lock is converted to a sleepable spinlock that does not disable interrupts, which leads to inconsistent hardirq-state usage of the lock. This creates a potential deadlock: the same lock can be acquired multiple times during interrupt handling, causing the system to hang.

Impact

Exploitation of this vulnerability can lead to a deadlock situation, where the system becomes unresponsive due to conflicting lock acquisitions during interrupt processing.

Reproduction

The vulnerability can be reproduced by running a Linux kernel built with the CONFIG_PREEMPT_RT option enabled. During 'irq_work' execution, the unsafe locking behavior can be observed: the scheduler extension's dump state function manages its lock improperly, so the same lock can be acquired multiple times in a way that disrupts normal interrupt handling.
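The inconsistent hardirq-state usage described in the Vulnerability and Reproduction sections can be illustrated with a small userspace model. This is an added example, not kernel code and not the project's fix. The two acquisition paths (one from task context, one from hardirq context) and all type and function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of hardirq usage tracking for one lock (e.g. dump_lock). */
enum usage {
    USED_IN_HARDIRQ = 1 << 0,  /* lock was taken from hardirq context */
    HELD_HARDIRQ_ON = 1 << 1   /* lock was held while hardirqs could fire */
};

struct lock_model {
    bool disables_irqs;  /* true: taking the lock masks hardirqs on this CPU */
    unsigned usage;      /* accumulated usage bits across all acquisitions */
};

struct cpu_ctx {
    bool in_hardirq;
    bool irqs_enabled;
};

/* Record one acquisition; return true once the usage history is inconsistent. */
bool acquire(struct lock_model *l, struct cpu_ctx ctx)
{
    if (ctx.in_hardirq)
        l->usage |= USED_IN_HARDIRQ;
    else if (ctx.irqs_enabled && !l->disables_irqs)
        l->usage |= HELD_HARDIRQ_ON;  /* an interrupt can preempt the holder */
    return (l->usage & USED_IN_HARDIRQ) && (l->usage & HELD_HARDIRQ_ON);
}

/* Replay the assumed pattern: a task-context path, then a hardirq path. */
bool replay(bool lock_disables_irqs)
{
    struct lock_model l = { lock_disables_irqs, 0 };
    struct cpu_ctx task = { false, true };     /* constructed sample context */
    struct cpu_ctx hardirq = { true, false };  /* constructed sample context */
    bool bad = acquire(&l, task);
    bad |= acquire(&l, hardirq);
    return bad;
}

int main(void)
{
    printf("irq-disabling lock:  %s\n", replay(true) ? "inconsistent" : "consistent");
    printf("sleepable (RT) lock: %s\n", replay(false) ? "inconsistent" : "consistent");
    return 0;
}
```

A lock flagged as inconsistent here is one that an interrupt handler may try to take on a CPU where it is already held, which is the hang described above.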

Remediation

Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been addressed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: Dec 16, 2025, 4:37 PM
Updated: Dec 16, 2025, 4:37 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 1.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.