Linux Kernel Hyper-V Clocksource Vulnerability Leading to Kernel Panic

A vulnerability in the Linux kernel's handling of clocksource initialization for Hyper-V can cause a kernel panic. The issue arises because the initialization function is marked with both __init and EXPORT_SYMBOL annotations. The __init annotation indicates that the function is only needed during initialization and can be discarded afterward, leaving modules unable to access it. Attempting to use a symbol from a freed section can lead to a kernel panic. While the 'modpost' tool used to detect this issue, it had been broken for a decade. After fixing 'modpost' to warn about this problem, it was identified in 'linux-next' builds. The vulnerability could be resolved by either removing the __init annotation or the EXPORT_SYMBOL designation. The author chose to remove EXPORT_SYMBOL, as the only in-tree call site for this function is not compiled as a module.

Impact

Accessing a freed symbol can result in a kernel panic, causing a denial of service by crashing the system.