CVE-2022-49164: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49164 addresses a vulnerability in the Linux kernel's PowerPC transactional memory (TM) implementation. The issue was discovered in February 2025 and affects the powerpc/tm subsystem. The vulnerability stems from a potential userspace r13 register corruption that can occur during transactional memory context switching operations (Kernel Git).

The vulnerability occurs in two scenarios within the transactional memory implementation: First, in treclaim where an SLB (Segment Lookaside Buffer) miss can occur on the threadstruct->ckptregs while SCRATCH0 is live with the saved user r13 value, leading to corruption with the kernel r13 value. Second, in trechkpt where the user r13 value loaded from chkpt_regs for recheckpointing can be corrupted by an SLB miss, resulting in a kernel value being recheckpointed and restored to user registers. The vulnerability has been assigned a CVSS v3.1 score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (Red Hat XML).

The vulnerability can lead to userspace r13 register corruption, which could potentially affect the stability and reliability of applications running on affected PowerPC systems. While the bug is extremely unlikely to occur in practice, it could result in unexpected behavior or crashes when triggered.

The issue has been fixed by storing the user r13 value in a temporary location on the kernel stack and maintaining the kernel r13 value until the RI=0 critical section that does not fault. The fix also includes changes to SCRATCH0 usage, though this is not strictly part of the vulnerability fix as it's only used in the RI=0 section (Kernel Git).