Linux Kernel CPU Hotplug Deadlock Vulnerability in OS Noise Tracer

A potential deadlock vulnerability has been identified in the Linux kernel's CPU hotplug process, specifically within the OS noise tracer. This issue arises when certain mutex and CPU lock operations are not properly sequenced, leading to a deadlock situation. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability can lead to a deadlock situation, where the CPU hotplug process is halted, potentially causing system performance issues or unresponsiveness.

Reproduction

The deadlock can be reproduced by initiating a CPU hotplug operation while the OS noise tracer is active. This involves locking the interface mutex, taking a CPU write lock, and then performing operations that stop and wait for completion of OS noise kernel threads. The improper order of locking and unlocking the CPU read lock and the interface mutex creates the deadlock condition.

Remediation

The vulnerability has been addressed by changing the order of the CPU read lock and the interface mutex lock in the OS noise tracer's handling of CPU hotplug events.