Linux Kernel FPDT ACPI Table Invalid Physical Address Handling Vulnerability

A vulnerability exists in the Linux kernel's handling of ACPI FPDT tables on certain Packard Bell Dot SC devices with Intel Atom N2600 processors. These tables may contain invalid physical addresses that exceed the CPU's supported range. When the kernel attempts to map these addresses using 'acpi_os_map_memory()', it triggers a warning and a stack trace due to the invalidity, leading to a system error. The issue arises because the physical addresses are not properly validated before being mapped, causing the kernel to crash.

Impact

Exploitation of this vulnerability leads to a kernel oops, which is a serious error that can cause a system crash or instability.

Reproduction

The vulnerability can be reproduced by booting a Packard Bell Dot SC device with an Intel Atom N2600 processor using a Linux kernel version that includes the vulnerable ACPI FPDT handling. The kernel will attempt to map the invalid physical addresses, resulting in a WARN_ON message about the invalid address, followed by a kernel oops and a stack trace indicating the error.

Remediation

Users can upgrade to a patched version of the Linux kernel that includes the address validation fix. Instructions for downloading the latest stable kernel can be found on the official Linux kernel website.