-

CVE-2023-53694

In the Linux kernel, the following vulnerability has been resolved:

riscv: ftrace: Fixup panic by disabling preemption

In RISCV, we must use an AUIPC + JALR pair to encode an immediate,
forming a jump that jumps to an address over 4K. This may cause errors
if we want to enable kernel preemption and remove dependency from
patching code with stop_machine(). For example, if a task was switched
out on auipc. And, if we changed the ftrace function before it was
switched back, then it would jump to an address that has updated 11:0
bits mixing with previous XLEN:12 part.

p: patched area performed by dynamic ftrace
ftrace_prologue:
p|      REG_S   ra, -SZREG(sp)
p|      auipc   ra, 0x? ------------> preempted
					...
				change ftrace function
					...
p|      jalr    -?(ra) <------------- switched back
p|      REG_L   ra, -SZREG(sp)
func:
	xxx
	ret
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < 84cfcf240f4a577733b1d98fcd2611a611612b03
Version afc76b8b80112189b6f11e67e19cf58301944814
Status affected
Version < 20a7510e781084364691b4962de31de758194cc9
Version afc76b8b80112189b6f11e67e19cf58301944814
Status affected
Version < 8547649981e6631328cd64f583667501ae385531
Version afc76b8b80112189b6f11e67e19cf58301944814
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 5.12
Status affected
Version < 5.12
Version 0
Status unaffected
Version <= 6.1.*
Version 6.1.23
Status unaffected
Version <= 6.2.*
Version 6.2.3
Status unaffected
Version <= *
Version 6.3
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.053
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String