In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftrace_init(), but the error path (rightfully) returned -EINVAL and not -EFAULT, as the bug caused more than one error to occur. But because -EINVAL was returned, the ftrace_bug() tried to report what was at the location of the ip address, and read it directly. This caused the machine to panic, as the ip was not pointing to a valid memory address. Instead, read the ip address with copy_from_kernel_nofault() to safely access the memory, and if it faults, report that the address faulted, otherwise report what was in that location.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
Debian | 11 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
Debian | 10 | all | linux | < 4.19.208-1 | linux_4.19.208-1_all.deb |
Debian | 999 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
Debian | 13 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |