[SRU][M][PATCH 0/1] CVE-2024-26710

Bethany Jamison bethany.jamison at canonical.com
Fri Apr 19 20:49:38 UTC 2024


[Impact]

 In the Linux kernel, the following vulnerability has been resolved:

 powerpc/kasan: Limit KASAN thread size increase to 32KB

 KASAN is seen to increase stack usage, to the point that it was reported
 to lead to stack overflow on some 32-bit machines (see link).

 To avoid overflows the stack size was doubled for KASAN builds in
 commit 3e8635fb2e07 ("powerpc/kasan: Force thread size increase with
 KASAN").

 However with a 32KB stack size to begin with, the doubling leads to a
 64KB stack, which causes build errors:
   arch/powerpc/kernel/switch.S:249: Error: operand out of range
 (0x000000000000fe50 is not between 0xffffffffffff8000 and
 0x0000000000007fff)

 Although the asm could be reworked, in practice a 32KB stack seems
 sufficient even for KASAN builds - the additional usage seems to be in
 the 2-3KB range for a 64-bit KASAN build.

 So only increase the stack for KASAN if the stack size is < 32KB.

[Fix]

Mantic:	Clean cherry-pick from linux-6.6.y
Jammy:	not-affected
Focal:	not-affected
Bionic:	not-affected
Xenial:	not-affected
Trusty:	not-affected

[Test Case]

Compile and boot tested.

[Where problems could occur]

This fix affects those who use KASAN on PowerPC. An issue with this
fix would be visible to the user via a system crash.

Michael Ellerman (1):
  powerpc/kasan: Limit KASAN thread size increase to 32KB

 arch/powerpc/include/asm/thread_info.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.34.1



