-

CVE-2022-50657

riscv: mm: add missing memcpy in kasan_init

In the Linux kernel, the following vulnerability has been resolved:

riscv: mm: add missing memcpy in kasan_init

Hi Atish,

It seems that the panic is due to the missing memcpy during kasan_init.
Could you please check whether this patch is helpful?

When doing kasan_populate, the new allocated base_pud/base_p4d should
contain kasan_early_shadow_{pud, p4d}'s content. Add the missing memcpy
to avoid page fault when read/write kasan shadow region.

Tested on:
 - qemu with sv57 and CONFIG_KASAN on.
 - qemu with sv48 and CONFIG_KASAN on.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version 8fbdccd2b17335e1881a23865e98c63fcc345938
Version < ff0f6becf3a6f817838b6f80a2c9cca43dce0576
Status affected
Version 8fbdccd2b17335e1881a23865e98c63fcc345938
Version < 9f2ac64d6ca60db99132e08628ac2899f956a0ec
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 5.18
Status affected
Version 0
Version < 5.18
Status unaffected
Version <= 6.0.*
Version 6.0.7
Status unaffected
Version <= *
Version 6.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.063
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.