CVE-2022-49783: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49783 affects the Linux kernel and involves a vulnerability in the x86/fpu subsystem where the fpregs lock is incorrectly held during FPU permissions inheritance. The issue was discovered when a bug report showed a sleeping function being called from an invalid context in the preempt-rt kernel tree (NVD CVE).

The vulnerability stems from fpuinheritperms() being called under fpregslock(), leading to a spinlockirq() call when fpustatesizedynamic() returns true, despite the static key _fpustatesizedynamic never being enabled. The issue exists since commit 9e798e9aa14c ('x86/fpu: Prepare fpuclone() for dynamically enabled features'). On a PREEMPTRT kernel, fpregslock disables preemption, making the spinlockirq() call in fpuinherit_perms() unsafe (NVD CVE).

The vulnerability can cause system instability and potential deadlocks in the Linux kernel when processes are being created, particularly affecting systems running with the PREEMPT_RT patch. The issue specifically impacts the process creation path when FPU state inheritance occurs (NVD CVE).

The fix involves dropping the fpregslock before calling fpuinheritperms(), as it is not necessary for protecting the FPU state during this operation. The siglock is still required to be acquired by fpuinherit_perms() to serialize the reading of the parent's permissions (NVD CVE).