CVE-2022-49709: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49709 is a vulnerability in the Linux kernel related to Control Flow Integrity (CFI) functionality. The issue was discovered in the cfislowpathdiag RCU usage with cpuidle, where RCU_NONIDLE usage during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path. The vulnerability was publicly disclosed on February 26, 2025, affecting various Linux kernel versions (NVD, Ubuntu).

The vulnerability stems from improper RCU (Read-Copy-Update) state management in the kernel's CFI implementation. When _cfislowpathdiag is called during CPU idle states, it can trigger an invalid RCU state, resulting in a kernel warning at kernel/rcu/tree.c:613 rcueqs_enter+0xe4/0x138. The issue manifests in the cpuidle code path and affects the kernel's ability to properly manage RCU states during CFI checks (Kernel Commit).

The vulnerability can cause system instability and potential kernel warnings when the CPU enters idle states while performing CFI checks. This primarily affects systems using Clang CFI security features and can lead to improper RCU state management, potentially impacting system reliability (Ubuntu).

The issue has been fixed by modifying the RCU handling in the CFI implementation. Instead of using RCUNONIDLE, the fix implements a more precise approach by calling rcuirq_enter/exit only when needed and disabling interrupts for the entire CFI shadow/module check when necessary. This patch has been merged into the Linux kernel (Kernel Commit).