CVE-2022-48755: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48755 affects the Linux kernel's powerpc64/bpf subsystem. The vulnerability was discovered when an illegal instruction crash occurred on ppc64 e5500 processors when using the 'ldbrx' instruction, which was only introduced in ISA v2.06. The issue affects Linux kernel versions from 4.8 up to (excluding) 5.10.96, 5.11 up to (excluding) 5.15.19, and 5.16 up to (excluding) 5.16.5 (NVD).

The vulnerability occurs in the BPF JIT compiler for PowerPC64 architecture when handling BPFFROM[L|B]E operations. The compiler incorrectly emits the 'ldbrx' instruction which is only supported on processors compliant with ISA v2.06 or later. This results in an illegal instruction exception on older processors. The issue was introduced in commit 156d0e290e969c ("powerpc/ebpf/jit: Implement JIT compiler for extended BPF"). The CVSS v3.1 base score is 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability causes a kernel crash (oops) on affected PowerPC processors that don't support the ISA v2.06 instruction set, leading to a denial of service condition (Kernel Patch).

The issue has been fixed by implementing a compatibility check that uses alternative instructions for processors not supporting ISA v2.06. The fix involves using 'lwbrx' instructions with appropriate shifts instead of 'ldbrx' when running on older processors (Kernel Patch).