CVE-2022-49557: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49557 affects the Linux kernel's x86/fpu KVM (Kernel-based Virtual Machine) component. The vulnerability was discovered when setting the uABI size to the host's default size, which resulted in out-of-bounds writes and data corruption when running on hosts without XSAVE support, particularly on Core2 CPUs (Kernel Git).

The vulnerability occurs in the FPU (Floating Point Unit) state handling for KVM guests. When saving FPU state for userspace, KVM sets the FP+SSE bits in the XSAVE header even if the host doesn't support XSAVE. This operation can lead to out-of-bounds writes when setting the FP+SSE bits and potential data corruption, which was detected by KASAN (Kernel Address Sanitizer). The issue specifically manifests when the uABI size is set to the host's default size instead of KVM's historical uABI size (Kernel Git).

The vulnerability can result in data corruption and potential system instability when running KVM virtual machines on hosts without XSAVE support, particularly affecting systems using Core2 CPUs. The issue primarily impacts the migration of VM states between hosts with different XSAVE support configurations (Kernel Git).

The fix involves setting the starting uABI size of KVM's guest FPU to 'struct kvmxsave', which represents KVM's historical uABI size. Additionally, a warning (WARNON_ONCE) was implemented to detect if the default size is larger than KVM's base uABI size, as all features that can expand the uABI size must be opt-in (Kernel Git).