CVE-2022-49782: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2022-49782) was identified related to missing SIGTRAP checking in the perf subsystem. The issue was discovered when a WARN in _perfeventoverflow() would fire if pendingsigtrap was already set, indicating a return to user space without consuming pending_sigtrap (NVD).

The vulnerability occurs when events not associated with progress in the user space task can fire and the interrupt handler runs before the IRQ work meant to consume pendingsigtrap. This was demonstrated through a program with event type PERFTYPESOFTWARE and config PERFCOUNTSWCPU_CLOCK, where the hrtimer could fire again before the IRQ work got a chance to run, while never having returned to user space (NVD).

When triggered, this vulnerability could cause the kernel to generate warning messages and potentially lead to system instability. The issue specifically affects the kernel's performance monitoring subsystem and its handling of software-based CPU clock events (NVD).

The fix involves improving the WARN check to verify real progress in user space by storing a 32-bit hash of the current IP into pendingsigtrap. If an event fires while pendingsigtrap still matches the previous IP, it assumes no progress has been made. While this approach may have false negatives due to possible returns to the same IP, it provides a more robust detection mechanism (NVD).