Linux Kernel Tick Handling Vulnerability in Nohz Full Setup Export

A vulnerability in the Linux kernel's tick handling has been identified, specifically related to the nohz full setup function. The issue arises because the function is exported while being annotated as initialization code, which is problematic since the initialization section is cleared after use. This mismatch can lead to a kernel panic by allowing access to a freed symbol. The problem was detected by the 'modpost' tool, which had previously been unable to identify such section mismatches for exported initialization symbols. The warning from 'modpost' highlighted the issue, indicating that the exported symbol 'tick_nohz_full_setup' improperly referenced a freed initialization function. The vulnerability can be resolved by removing the initialization annotation from the function or discontinuing its export, as it is only called from built-in kernel code.

Impact

Exploitation of this vulnerability can cause a kernel panic, leading to a system crash.