CVE-2022-50100
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-50100
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50100.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-50100
- Downstream
- Related
- Published
- 2025-06-18T11:02:36Z
- Modified
- 2025-10-14T00:23:09.217119Z
- Summary
- sched/core: Do not requeue task on CPU excluded from cpus_mask
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
sched/core: Do not requeue task on CPU excluded from cpus_mask
The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline.
WARNING: CPU: 439 PID: 10 at ../kernel/workqueue.c:2231 processonework+0x4d/0x440 Call Trace: <TASK> rescuerthread+0x1f6/0x360 kthread+0x156/0x180 retfrom_fork+0x22/0x30 </TASK>
Commit c6e7bd7afaeb ("sched/core: Optimize ttwu() spinning on p->on_cpu") optimises ttwu by queueing a task that is descheduling on the wakelist, but does not check if the task descheduling is still allowed to run on that CPU.
In this warning, the problematic task is a workqueue rescue thread which checks if the rescue is for a per-cpu workqueue and running on the wrong CPU. While this is early in boot and it should be possible to create workers, the rescue thread may still used if the MAYDAYINITIALTIMEOUT is reached or MAYDAY_INTERVAL and on a sufficiently large machine, the rescue thread is being used frequently.
Tracing confirmed that the task should have migrated properly using the stopper thread to handle the migration. However, a parallel wakeup from udev running on another CPU that does not share CPU cache observes p->oncpu and uses taskcpu(p), queues the task on the old CPU and triggers the warning.
Check that the wakee task that is descheduling is still allowed to run on its current CPU and if not, wait for the descheduling to complete and select an allowed CPU.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/302f7b0fc337746f41c69eb08522907f6a90c643
- https://git.kernel.org/stable/c/748d2e9585ae53cb6be48e84f93d2f082ae1d135
- https://git.kernel.org/stable/c/751d4cbc43879229dbc124afefe240b70fd29a85
- https://git.kernel.org/stable/c/fde45283f4c8a91c367ea5f20f87036468755121
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc6e7bd7afaeb3af55ffac122828035f1c01d1d7bFixed748d2e9585ae53cb6be48e84f93d2f082ae1d135
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc6e7bd7afaeb3af55ffac122828035f1c01d1d7bFixedfde45283f4c8a91c367ea5f20f87036468755121
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc6e7bd7afaeb3af55ffac122828035f1c01d1d7bFixed302f7b0fc337746f41c69eb08522907f6a90c643
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc6e7bd7afaeb3af55ffac122828035f1c01d1d7bFixed751d4cbc43879229dbc124afefe240b70fd29a85
Affected versions
v5.*
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.10
v5.18.11
v5.18.12
v5.18.13
v5.18.14
v5.18.15
v5.18.16
v5.18.17
v5.18.2
v5.18.3
v5.18.4
v5.18.5
v5.18.6
v5.18.7
v5.18.8
v5.18.9
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.7
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
Database specific
{
"vanir_signatures": [
{
"target": {
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-3151be07",
"digest": {
"threshold": 0.9,
"line_hashes": [
"237016165165170440409361812902147587061",
"320363523374344981559623454232446985862",
"321093169938772234394773992729394694894",
"88584281173965889836807027435547774135",
"77982749314597101852361164951069763163",
"60362884401037254672299689835264807910",
"302797167980019431853464830726195724190",
"244036516294751301144395439001921921695",
"220357503057245330658521967910293278629",
"232201422428520205037572886753986757125",
"96437608868119608965778491488422627579"
]
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@748d2e9585ae53cb6be48e84f93d2f082ae1d135"
},
{
"target": {
"function": "ttwu_queue_wakelist",
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-4fa308cb",
"digest": {
"length": 215.0,
"function_hash": "122364278808737858126132715331646575635"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fde45283f4c8a91c367ea5f20f87036468755121"
},
{
"target": {
"function": "ttwu_queue_wakelist",
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-73bef10a",
"digest": {
"length": 215.0,
"function_hash": "122364278808737858126132715331646575635"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@302f7b0fc337746f41c69eb08522907f6a90c643"
},
{
"target": {
"function": "ttwu_queue_cond",
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-76892d83",
"digest": {
"length": 263.0,
"function_hash": "139623218658523175880886496118365375721"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@748d2e9585ae53cb6be48e84f93d2f082ae1d135"
},
{
"target": {
"function": "ttwu_queue_cond",
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-7eeb7d67",
"digest": {
"length": 263.0,
"function_hash": "139623218658523175880886496118365375721"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@751d4cbc43879229dbc124afefe240b70fd29a85"
},
{
"target": {
"function": "ttwu_queue_cond",
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-a35bf9ef",
"digest": {
"length": 263.0,
"function_hash": "139623218658523175880886496118365375721"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fde45283f4c8a91c367ea5f20f87036468755121"
},
{
"target": {
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-b6b29e3a",
"digest": {
"threshold": 0.9,
"line_hashes": [
"237016165165170440409361812902147587061",
"320363523374344981559623454232446985862",
"321093169938772234394773992729394694894",
"88584281173965889836807027435547774135",
"77982749314597101852361164951069763163",
"60362884401037254672299689835264807910",
"302797167980019431853464830726195724190",
"244036516294751301144395439001921921695",
"220357503057245330658521967910293278629",
"232201422428520205037572886753986757125",
"96437608868119608965778491488422627579"
]
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@751d4cbc43879229dbc124afefe240b70fd29a85"
},
{
"target": {
"function": "ttwu_queue_wakelist",
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-c7355370",
"digest": {
"length": 215.0,
"function_hash": "122364278808737858126132715331646575635"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@748d2e9585ae53cb6be48e84f93d2f082ae1d135"
},
{
"target": {
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-e7611644",
"digest": {
"threshold": 0.9,
"line_hashes": [
"237016165165170440409361812902147587061",
"320363523374344981559623454232446985862",
"321093169938772234394773992729394694894",
"88584281173965889836807027435547774135",
"77982749314597101852361164951069763163",
"60362884401037254672299689835264807910",
"302797167980019431853464830726195724190",
"244036516294751301144395439001921921695",
"220357503057245330658521967910293278629",
"232201422428520205037572886753986757125",
"96437608868119608965778491488422627579"
]
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fde45283f4c8a91c367ea5f20f87036468755121"
},
{
"target": {
"function": "ttwu_queue_cond",
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-ec143461",
"digest": {
"length": 263.0,
"function_hash": "139623218658523175880886496118365375721"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@302f7b0fc337746f41c69eb08522907f6a90c643"
},
{
"target": {
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-f052b1e7",
"digest": {
"threshold": 0.9,
"line_hashes": [
"237016165165170440409361812902147587061",
"320363523374344981559623454232446985862",
"321093169938772234394773992729394694894",
"88584281173965889836807027435547774135",
"77982749314597101852361164951069763163",
"60362884401037254672299689835264807910",
"302797167980019431853464830726195724190",
"244036516294751301144395439001921921695",
"220357503057245330658521967910293278629",
"232201422428520205037572886753986757125",
"96437608868119608965778491488422627579"
]
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@302f7b0fc337746f41c69eb08522907f6a90c643"
},
{
"target": {
"function": "ttwu_queue_wakelist",
"file": "kernel/sched/core.c"
},
"deprecated": false,
"id": "CVE-2022-50100-f679b45b",
"digest": {
"length": 215.0,
"function_hash": "122364278808737858126132715331646575635"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@751d4cbc43879229dbc124afefe240b70fd29a85"
}
]
}