Linux Kernel Hisilicon QM Crypto Module Stack Overflow Vulnerability

Vulnerability

A stack overflow vulnerability has been identified in the Linux kernel's Hisilicon QM crypto module. The issue arises because the 'val buffer' variable, which is used for QoS configuration, is only 32 bytes long. This length is insufficient, as the maximum QoS configuration buffer can be 256 bytes. The vulnerability is further exacerbated by the 'sscanf' function, which does not validate the length of the destination memory, allowing for potential stack overflow exploitation.
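The bug class described above, as an added user-space example (not the kernel driver's code and not the upstream patch): an unbounded "%s" conversion into a 32-byte stack buffer, next to a bounded form that rejects oversized input. The function names, the single-token numeric format and the sample input are assumptions made for illustration; only the 32-byte and 256-byte sizes come from this advisory.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define QOS_VAL_LEN 32   /* on-stack value buffer size, per the advisory */
#define QOS_CFG_MAX 256  /* maximum QoS configuration length, per the advisory */

/* Unsafe pattern, for comparison only: "%s" carries no field width, so
 * sscanf writes the whole token into val however small val is. */
int parse_qos_unbounded(const char *cfg, unsigned long *out)
{
    char val[QOS_VAL_LEN];
    if (sscanf(cfg, "%s", val) != 1) /* overflows val for tokens >= 32 bytes */
        return -1;
    *out = strtoul(val, NULL, 10);
    return 0;
}

/* Hardened form: bound the input, bound the conversion, reject leftovers. */
int parse_qos_bounded(const char *cfg, unsigned long *out)
{
    char val[QOS_VAL_LEN], extra, *end;
    size_t len = 0;

    while (len < QOS_CFG_MAX && cfg[len] != '\0')
        len++;
    if (len == 0 || len == QOS_CFG_MAX)   /* empty, or 256 bytes and longer */
        return -1;
    /* %31s stores at most 31 bytes plus the NUL. " %c" matches only when
     * non-space input remains, so an over-long token is rejected. */
    if (sscanf(cfg, "%31s %c", val, &extra) != 1)
        return -1;
    if (val[0] < '0' || val[0] > '9')     /* strtoul would accept a sign */
        return -1;
    errno = 0;
    *out = strtoul(val, &end, 10);
    return (*end == '\0' && errno != ERANGE) ? 0 : -1;
}

int main(void)
{
    unsigned long v = 0;
    int rc = parse_qos_bounded("1000\n", &v);  /* constructed sample input */
    printf("rc=%d value=%lu\n", rc, v);
    return 0;
}
```

The field width must be one less than the buffer size, because sscanf appends the terminating NUL after the bytes it stores.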

Impact

Exploitation of this vulnerability can lead to a stack overflow, which may be used to execute arbitrary code or cause a denial-of-service condition by crashing the system.

Reproduction

The vulnerability can be reproduced by sending the Hisilicon QM crypto module a QoS configuration that is longer than 32 bytes but shorter than 256 bytes. The 'sscanf' function will not properly check the buffer length, causing a stack overflow.

Remediation

Users can upgrade to the patched version of the Linux kernel available in the Linux kernel stable tree.

Added: Sep 18, 2025, 5:37 PM
Updated: Sep 18, 2025, 5:37 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.