CVE-2022-49034 in Linux

Summary

by MITRE • 12/27/2024

In the Linux kernel, the following vulnerability has been resolved:

sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK

When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are selected, cpu_max_bits_warn() generates a runtime warning similar to the one below when showing /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs.

[ 3.052463] ------------[ cut here ]------------
[ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f0
[ 3.070072] Modules linked in: efivarfs autofs4
[ 3.076257] CPU: 0 PID: 1 Comm: systemd Not tainted 5.19-rc5+ #1052
[ 3.099465] Stack : 9000000100157b08 9000000000f18530 9000000000cf846c 9000000100154000
[ 3.109127] 9000000100157a50 0000000000000000 9000000100157a58 9000000000ef7430
[ 3.118774] 90000001001578e8 0000000000000040 0000000000000020 ffffffffffffffff
[ 3.128412] 0000000000aaaaaa 1ab25f00eec96a37 900000010021de80 900000000101c890
[ 3.138056] 0000000000000000 0000000000000000 0000000000000000 0000000000aaaaaa
[ 3.147711] ffff8000339dc220 0000000000000001 0000000006ab4000 0000000000000000
[ 3.157364] 900000000101c998 0000000000000004 9000000000ef7430 0000000000000000
[ 3.167012] 0000000000000009 000000000000006c 0000000000000000 0000000000000000
[ 3.176641] 9000000000d3de08 9000000001639390 90000000002086d8 00007ffff0080286
[ 3.186260] 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c
[ 3.195868] ...
[ 3.199917] Call Trace:
[ 3.203941] [] show_stack+0x38/0x14c
[ 3.210666] [] dump_stack_lvl+0x60/0x88
[ 3.217625] [] __warn+0xd0/0x100
[ 3.223958] [] warn_slowpath_fmt+0x7c/0xcc
[ 3.231150] [] show_cpuinfo+0x5e8/0x5f0
[ 3.238080] [] seq_read_iter+0x354/0x4b4
[ 3.245098] [] new_sync_read+0x17c/0x1c4
[ 3.252114] [] vfs_read+0x138/0x1d0
[ 3.258694] [] ksys_read+0x70/0x100
[ 3.265265] [] do_syscall+0x7c/0x94
[ 3.271820] [] handle_syscall+0xc4/0x160
[ 3.281824] ---[ end trace 8b484262b4b8c24c ]---


Analysis

by VulDB Data Team • 10/08/2025

CVE-2022-49034 is a kernel-level warning condition in the Linux operating system that appears only when specific kernel configuration options are enabled. It occurs in the kernel's cpuinfo display code when CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are both enabled. The warning is raised by cpu_max_bits_warn(), a debug check that fires while /proc/cpuinfo is being read. The underlying problem is a mismatch in kernel resource management: a compile-time constant is used where a runtime value belongs, and the resulting diagnostic output is misleading and can obscure legitimate system issues. The vulnerability is classified under CWE-129 as insufficient input validation, specifically improper handling of CPU mask iteration limits. The warning appears in the kernel log with a stack trace: it is reported at include/linux/cpumask.h:108, and the trace shows that it was reached from show_cpuinfo, which is where the CPU information display logic fails to account for the runtime CPU limit as opposed to the compile-time configuration parameter.

The technical flaw stems from using the NR_CPUS macro instead of nr_cpu_ids when iterating through CPU identifiers in the cpuinfo display logic. NR_CPUS is the maximum possible CPU count, fixed at compile time, while nr_cpu_ids reflects the actual number of CPUs available at runtime. The discrepancy becomes a problem when CONFIG_CPUMASK_OFFSTACK is enabled, because CPU masks are then allocated dynamically based on the actual system configuration rather than on compile-time assumptions. The kernel's cpumask subsystem uses different memory allocation strategies depending on these configuration options, and the cpuinfo display logic does not adapt to the dynamic allocation. When the kernel iterates through CPU identifiers for display, it uses the fixed compile-time limit instead of the runtime limit, so the debug check warns about potential CPU mask overflow conditions. This error condition does not compromise system security or functionality, but it creates misleading diagnostic information that can confuse system administrators and developers during debugging sessions. The ATT&CK framework would categorize this as a diagnostic information disclosure artifact rather than a direct system compromise, though it represents a code quality issue that could mask other underlying problems. The kernel developers identified that the fix required replacing the static NR_CPUS reference with the dynamic nr_cpu_ids variable so that the iteration bounds match the actual system CPU configuration.
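A simplified user-space model of the bound mismatch described above, added here as an illustration; it is not kernel code and not part of the MITRE or VulDB text. The values NR_CPUS = 64 and nr_cpu_ids = 4, the online mask, and the helpers cpu_online_checked and walk_cpuinfo are assumptions made for the example, and the debug check is modelled as `cpu >= bits`.

```c
#include <stdbool.h>
#include <stdio.h>

#define NR_CPUS 64u                              /* constructed compile-time maximum */
static unsigned int nr_cpu_ids = 4;              /* constructed runtime CPU count */
static unsigned long long online_mask = 0xfULL;  /* CPUs 0-3 online (constructed) */
static unsigned int cpus_shown;                  /* entries printed by the last walk */

/* Model of the debug check: flag an index at or beyond the mask width. */
static bool cpu_max_bits_warn(unsigned int cpu, unsigned int bits)
{
    return cpu >= bits;
}

/* Model of an online test: the mask width is nr_cpu_ids with OFFSTACK, NR_CPUS without. */
static bool cpu_online_checked(unsigned int cpu, bool offstack, unsigned int *warnings)
{
    unsigned int bits = offstack ? nr_cpu_ids : NR_CPUS;
    if (cpu_max_bits_warn(cpu, bits)) {
        (*warnings)++;   /* the model counts every hit; a warn-once check logs only the first */
        return false;    /* the model never reads past the mask */
    }
    return (online_mask >> cpu) & 1ULL;
}

/* Walk CPU indices up to `limit`, as a cpuinfo iterator would; return the warning count. */
static unsigned int walk_cpuinfo(unsigned int limit, bool offstack)
{
    unsigned int warnings = 0;
    cpus_shown = 0;
    for (unsigned int cpu = 0; cpu < limit; cpu++)
        if (cpu_online_checked(cpu, offstack, &warnings))
            cpus_shown++;
    return warnings;
}

int main(void)
{
    printf("bound NR_CPUS, offstack:    %u out-of-range checks\n", walk_cpuinfo(NR_CPUS, true));
    printf("bound nr_cpu_ids, offstack: %u out-of-range checks\n", walk_cpuinfo(nr_cpu_ids, true));
    printf("bound NR_CPUS, no offstack: %u out-of-range checks\n", walk_cpuinfo(NR_CPUS, false));
    return 0;
}
```

In all three runs the same four CPUs are listed; only the combination of the compile-time bound with the runtime-sized mask produces out-of-range checks, which matches the page's description of a spurious warning rather than a functional fault.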

The operational impact of this vulnerability is primarily limited to diagnostic and debugging environments where system administrators might encounter confusing warning messages in kernel logs. The warning does not affect system stability or performance, nor does it represent a security risk that could be exploited by malicious actors. However, the presence of these spurious warnings can complicate system troubleshooting efforts and may lead to false positives during security audits or performance monitoring. In production environments, this warning typically does not cause service disruption but can create noise in system logging that obscures genuine system issues. The vulnerability affects systems running Linux kernel versions where the specific configuration options are enabled, particularly those using CONFIG_CPUMASK_OFFSTACK for dynamic CPU mask allocation. Organizations maintaining systems with these specific kernel configurations may see the warning messages in their logs, potentially requiring additional monitoring or log filtering to distinguish between legitimate warnings and this benign diagnostic issue. The warning appears during normal system operation when /proc/cpuinfo is accessed, which can occur during system boot processes, service initialization, or manual system information queries.

The recommended mitigation strategy involves applying the kernel patch that modifies the cpuinfo display logic to use nr_cpu_ids instead of NR_CPUS when iterating through CPU identifiers. This fix ensures that the kernel's CPU information display properly respects runtime CPU limits rather than compile-time assumptions. System administrators should update to kernel versions containing this fix, typically found in kernel releases following 5.19-rc5, or apply the specific patch to their existing kernel builds. Organizations that do not require the specific kernel configuration options can also avoid the issue by disabling CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS if they are not actively using these debugging features. The fix represents a straightforward code correction that does not introduce compatibility issues or require changes to system configuration or application behavior. No special privileges or access controls are required to implement this fix, as it is a kernel-level code modification that does not affect user-space operations. Regular kernel maintenance and update procedures should ensure that this vulnerability is addressed through standard system administration practices, as it is not a persistent security risk but rather a diagnostic artifact that impacts system logging quality.

Responsible

Linux

Reservation

08/22/2024

Disclosure

12/27/2024

Moderation

accepted

CPE

ready

EPSS

0.00007

KEV

no

Activities

very low
