CVE-2022-48800: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48800 is a vulnerability in the Linux kernel that was discovered and disclosed in July 2024. The issue affects Linux kernel versions from 5.16 through 5.16.10. The vulnerability manifests as a soft lockup bug in kcompactd, where kcompactd0 is not rescheduling on a CPU while a task has isolated a large number of pages from the LRU (NVD).

The vulnerability occurs when kcompactd0 fails to reschedule on a CPU while a task that has isolated a large number of pages from the LRU is waiting for kcompactd0 to reschedule so the pages can be released. While shrinkinactivelist() only loops once around toomanyisolated, reclaim can continue without rescheduling if sc->skippeddeactivate == 1, which could happen if there was no file LRU and the inactive anon list was not low. This issue is specific to CONFIGPREEMPT=n builds (Kernel Patch). The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can result in a soft lockup condition, causing the system to become unresponsive. This is evidenced by watchdog messages showing CPU stuck conditions lasting for extended periods (26s, 52s, 78s, 104s). The issue particularly affects systems with large amounts of RAM and no swap space configured (Kernel Patch).

The vulnerability has been patched in the Linux kernel. The fix involves adding a condresched() call in the reclaimthrottle function to prevent the deadlock condition. Users should upgrade to a patched version of the kernel (Kernel Patch).