Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixup panic by disabling preemption In RISCV, we must use an AUIPC + JALR pair to encode an immediate, forming a jump that jumps to an address over 4K. This may cause errors if we want to enable kernel preemption and remove dependency from patching code with stop_machine(). For example, if a task was switched out on auipc. And, if we changed the ftrace function before it was switched back, then it would jump to an address that has updated 11:0 bits mixing with previous XLEN:12 part. p: patched area performed by dynamic ftrace ftrace_prologue: p| REG_S ra, -SZREG(sp) p| auipc ra, 0x? ------------> preempted ... change ftrace function ... p| jalr -?(ra) <------------- switched back p| REG_L ra, -SZREG(sp) func: xxx ret
References
- https://git.kernel.org/stable/c/20a7510e781084364691b4962de31de758194cc9
- https://git.kernel.org/stable/c/84cfcf240f4a577733b1d98fcd2611a611612b03
- https://git.kernel.org/stable/c/8547649981e6631328cd64f583667501ae385531
FAQ
What is CVE-2023-53694?
CVE-2023-53694 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixup panic by disabling preemption In RISCV, we must use an AUIPC + JALR pair to encode an immediate, forming a ju...
How severe is CVE-2023-53694?
CVSS scoring is not yet available for CVE-2023-53694. Check NVD for updates.
Is there a patch for CVE-2023-53694?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.