lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <2025061843-CVE-2022-50210-466c@gregkh>
Date: Wed, 18 Jun 2025 13:04:35 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...nel.org>
Subject: CVE-2022-50210: MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK

From: Greg Kroah-Hartman <gregkh@...nel.org>

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK

When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected,
cpu_max_bits_warn() generates a runtime warning similar as below while
we show /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit)
instead of NR_CPUS to iterate CPUs.

[    3.052463] ------------[ cut here ]------------
[    3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f0
[    3.070072] Modules linked in: efivarfs autofs4
[    3.076257] CPU: 0 PID: 1 Comm: systemd Not tainted 5.19-rc5+ #1052
[    3.084034] Hardware name: Loongson Loongson-3A4000-7A1000-1w-V0.1-CRB/Loongson-LS3A4000-7A1000-1w-EVB-V1.21, BIOS Loongson-UDK2018-V2.0.04082-beta7 04/27
[    3.099465] Stack : 9000000100157b08 9000000000f18530 9000000000cf846c 9000000100154000
[    3.109127]         9000000100157a50 0000000000000000 9000000100157a58 9000000000ef7430
[    3.118774]         90000001001578e8 0000000000000040 0000000000000020 ffffffffffffffff
[    3.128412]         0000000000aaaaaa 1ab25f00eec96a37 900000010021de80 900000000101c890
[    3.138056]         0000000000000000 0000000000000000 0000000000000000 0000000000aaaaaa
[    3.147711]         ffff8000339dc220 0000000000000001 0000000006ab4000 0000000000000000
[    3.157364]         900000000101c998 0000000000000004 9000000000ef7430 0000000000000000
[    3.167012]         0000000000000009 000000000000006c 0000000000000000 0000000000000000
[    3.176641]         9000000000d3de08 9000000001639390 90000000002086d8 00007ffff0080286
[    3.186260]         00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c
[    3.195868]         ...
[    3.199917] Call Trace:
[    3.203941] [<98000000002086d8>] show_stack+0x38/0x14c
[    3.210666] [<9800000000cf846c>] dump_stack_lvl+0x60/0x88
[    3.217625] [<980000000023d268>] __warn+0xd0/0x100
[    3.223958] [<9800000000cf3c90>] warn_slowpath_fmt+0x7c/0xcc
[    3.231150] [<9800000000210220>] show_cpuinfo+0x5e8/0x5f0
[    3.238080] [<98000000004f578c>] seq_read_iter+0x354/0x4b4
[    3.245098] [<98000000004c2e90>] new_sync_read+0x17c/0x1c4
[    3.252114] [<98000000004c5174>] vfs_read+0x138/0x1d0
[    3.258694] [<98000000004c55f8>] ksys_read+0x70/0x100
[    3.265265] [<9800000000cfde9c>] do_syscall+0x7c/0x94
[    3.271820] [<9800000000202fe4>] handle_syscall+0xc4/0x160
[    3.281824] ---[ end trace 8b484262b4b8c24c ]---

The Linux kernel CVE team has assigned CVE-2022-50210 to this issue.


Affected and fixed versions
===========================

	Fixed in 4.9.326 with commit d3ac4e47510ec0753ebe1e418a334ad202784aa8
	Fixed in 4.14.291 with commit 98aaa511957667ba26d6dabe28dfa210a8f53a63
	Fixed in 4.19.256 with commit 4cb392956ae392aec4aa06e661a0bb9146b0bace
	Fixed in 5.4.211 with commit 274e44e2123417e0924c90d4b4531913b5f3aa2e
	Fixed in 5.10.137 with commit 807adf6ffa8c3beedcd63b20f5a59c7d061df7d2
	Fixed in 5.15.61 with commit e41db8a9ce696a3382a4f098878fd4d14bccd201
	Fixed in 5.18.18 with commit 8916ec149c79cb21f5454fa7840ad96f99cf51cf
	Fixed in 5.19.2 with commit 7d305823e02217b29d41fca67e3cef87fd7bd688
	Fixed in 6.0 with commit e1a534f5d074db45ae5cbac41d8912b98e96a006

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2022-50210
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	arch/mips/kernel/proc.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/d3ac4e47510ec0753ebe1e418a334ad202784aa8
	https://git.kernel.org/stable/c/98aaa511957667ba26d6dabe28dfa210a8f53a63
	https://git.kernel.org/stable/c/4cb392956ae392aec4aa06e661a0bb9146b0bace
	https://git.kernel.org/stable/c/274e44e2123417e0924c90d4b4531913b5f3aa2e
	https://git.kernel.org/stable/c/807adf6ffa8c3beedcd63b20f5a59c7d061df7d2
	https://git.kernel.org/stable/c/e41db8a9ce696a3382a4f098878fd4d14bccd201
	https://git.kernel.org/stable/c/8916ec149c79cb21f5454fa7840ad96f99cf51cf
	https://git.kernel.org/stable/c/7d305823e02217b29d41fca67e3cef87fd7bd688
	https://git.kernel.org/stable/c/e1a534f5d074db45ae5cbac41d8912b98e96a006

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ