CVE-2022-48944 - Linux Kernel Vulnerability Resolved: Fixing sched_fork() Races

The Linux kernel runs a large share of the world's servers, mobile devices and embedded systems, so scheduler bugs that can be reached from unprivileged code matter well beyond one distribution. This post covers CVE-2022-48944, a race in the fork path that left a freshly created task reachable by other processes before the scheduler had finished setting it up. It summarizes the bug, looks at the excerpt of the fix shown below, and links to the commits so readers can follow the change in the kernel tree.

Vulnerability Details

The bug is an ordering race in fork(). An earlier change, commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an invalid sched_task_group"), fixed a race between fork and cgroup migration, but in doing so it let the new task become visible through the pidhash before it had been placed on a runqueue. In that window another process can look the child up by pid and hit it with a scheduler syscall (a priority or scheduling-attribute change, for instance) while its scheduler state is still incomplete; one observed result was a kernel fault in reweight_entity(), which commit 13765de8148f ("sched/fair: Fix fault in reweight_entity") patched for that single path. The fix tracked by CVE-2022-48944 closes the whole class instead: the task is placed on its runqueue before it is exposed, so there is no window in which a syscall can reach an unplaced task.

Here is the code excerpt the original post gives for the fix (the `+` marks the added line; the surrounding lines are unchanged context):

/* add a task to the runqueue */
+       p->on_rq = -1;
         set_task_cpu(p, smp_processor_id());

         rq = this_rq(); 
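Review bot: `p->on_rq = -1` does not do what the surrounding text says the fix does. The description states that the task must be placed on the runqueue before it is exposed through the pidhash, yet this hunk only writes a flag meaning "not queued" and then assigns a CPU with set_task_cpu(); nothing shown here enqueues the task or moves the placement ahead of the pidhash insertion, so the `/* add a task to the runqueue */` comment is misleading for these lines. `rq = this_rq();` is also assigned and never used in the lines shown. Either extend the excerpt to show the reordering the commit description refers to (placement before the task becomes visible), or drop this fragment rather than present it as the fix.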

Writing -1 into p->on_rq only records that the task is not yet queued; it does not, by itself, place the task anywhere. What actually closes the race is ordering: the fix makes sure the new task has been assigned a CPU and placed by the scheduler before it is inserted into the pidhash, so no other process can look it up and act on it while its scheduler state is still incomplete. The excerpt above omits that reordering, so read it alongside the full commit rather than as a complete picture of the change.
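To make the ordering concrete, here is a small constructed model of the race and of the fix. This is an added example, not kernel code and not taken from the commits above: the pidhash, task struct, "placement" step and "reweight" syscall are simplified stand-ins, and the racer callback represents a concurrent syscall arriving at the exact point where fork has (buggy) or has not (fixed) published the task. Where the real reweight_entity() faulted on scheduler state that was not set up yet, the model reports -EFAULT so the window is observable instead of fatal.

```c
/*
 * Constructed model of the fork-vs-syscall ordering bug behind CVE-2022-48944.
 * Added illustration, NOT kernel code: pidhash, struct task, sched_place() and
 * reweight_syscall() are simplified stand-ins for the real kernel objects.
 */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define PIDHASH_SIZE 64

struct task {
    int pid;
    unsigned long weight;   /* 0 until the scheduler has placed the task */
    bool on_rq;             /* true once the task sits on a runqueue */
};

/* Stand-in for the kernel pidhash: once a task is here, any process can find it by pid. */
static struct task *pidhash[PIDHASH_SIZE];

static void pidhash_insert(struct task *p)
{
    pidhash[p->pid % PIDHASH_SIZE] = p;
}

static struct task *find_task_by_pid(int pid)
{
    struct task *p = pidhash[pid % PIDHASH_SIZE];
    return (p && p->pid == pid) ? p : NULL;
}

/* Stand-in for the scheduler placing the new task on a runqueue. */
static void sched_place(struct task *p)
{
    p->weight = 1024;
    p->on_rq = true;
}

/*
 * Stand-in for a syscall such as sched_setattr()/setpriority() that reweights
 * a task. A real reweight would dereference scheduler state that is not set up
 * yet; the model returns -EFAULT instead so the race is observable.
 */
static int reweight_syscall(int pid, unsigned long new_weight)
{
    struct task *p = find_task_by_pid(pid);
    if (!p)
        return -ESRCH;      /* pid not visible yet: nothing to race with */
    if (!p->on_rq || p->weight == 0)
        return -EFAULT;     /* reached a task that was never placed: the bug */
    p->weight = new_weight;
    return 0;
}

typedef int (*racer_fn)(int pid);   /* models a syscall landing mid-fork */

/* Buggy ordering: the task is published through the pidhash, THEN placed. */
static int fork_expose_then_place(struct task *p, int pid, racer_fn racer)
{
    p->pid = pid; p->weight = 0; p->on_rq = false;
    pidhash_insert(p);          /* visible to everyone from here on */
    int r = racer(pid);         /* concurrent syscall hits the window */
    sched_place(p);
    return r;
}

/* Fixed ordering: the task is placed on the runqueue BEFORE it becomes visible. */
static int fork_place_then_expose(struct task *p, int pid, racer_fn racer)
{
    p->pid = pid; p->weight = 0; p->on_rq = false;
    sched_place(p);
    int r = racer(pid);         /* same instant: the pid cannot be found yet */
    pidhash_insert(p);
    return r;
}

static int racing_reweight(int pid) { return reweight_syscall(pid, 2048); }

/* Invariant the fix restores: every task reachable via the pidhash is already placed. */
static int racing_invariant(int pid)
{
    (void)pid;
    for (size_t i = 0; i < PIDHASH_SIZE; i++)
        if (pidhash[i] && !pidhash[i]->on_rq)
            return 0;
    return 1;
}

/* Run one fork with the chosen ordering; task storage is keyed by pid bucket (demo only). */
static int run_scenario(bool fixed, int pid, racer_fn racer)
{
    static struct task tasks[PIDHASH_SIZE];
    struct task *p = &tasks[pid % PIDHASH_SIZE];
    return fixed ? fork_place_then_expose(p, pid, racer)
                 : fork_expose_then_place(p, pid, racer);
}

int main(void)
{
    printf("expose-then-place: racer got %d (-EFAULT=%d)\n", run_scenario(false, 1001, racing_reweight), -EFAULT);
    printf("place-then-expose: racer got %d (-ESRCH=%d)\n", run_scenario(true, 1002, racing_reweight), -ESRCH);
    printf("after fork, reweight of 1002 returns %d\n", reweight_syscall(1002, 2048));
    return 0;
}
```

The point the model makes is that a flag such as on_rq cannot fix this on its own: the racing syscall in the buggy ordering reaches the task regardless of what the flag says, because the task is already findable. Only moving placement ahead of publication removes the window, which is why the racer in the fixed ordering sees -ESRCH at the same instant the buggy ordering would have handed it an unplaced task.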

Original References

For a more in-depth understanding, refer to the two commits named in the fix's description:

1. Commit 4ef0c5c6b5ba: kernel/sched: Fix sched_fork() access an invalid sched_task_group (the change that fixed the cgroup race but opened the pidhash window)
2. Commit 13765de8148f: sched/fair: Fix fault in reweight_entity (the single-instance fix that the CVE-2022-48944 change supersedes)

Closing Remarks

CVE-2022-48944 is a reminder that a race fix can open a different race: the cgroup fix moved the scheduler placement later in fork, and that alone was enough to let other processes reach a half-initialized task. The durable fix is not a flag or a check in one syscall path but an ordering rule, initialize fully and then publish, applied once at the point where the task becomes visible.

Timeline

Published on: 08/30/2024 11:15:14 UTC
Last modified on: 09/03/2024 14:26:56 UTC