Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A vulnerability in the Linux kernel's handling of kprobes on RISC-V architecture can lead to a kernel panic. This issue occurs when a kprobe is set at an illegal position, such as the middle of an instruction, which disrupts the kernel's original code. The improper probing can cause the kernel to panic, indicating a stack corruption. The vulnerability has been addressed by adding a check to ensure that kprobes are only placed at valid positions.
Exploitation of this vulnerability causes a kernel panic, disrupting system operations and indicating a stack corruption issue.
To reproduce this vulnerability, configure the RISC-V kernel with the 'C' extension disabled. Then, set a kprobe at an illegal position, such as the middle of an instruction, and enable the probe. This will trigger a kernel panic, with the system reporting a corrupted stack and the panic occurring in the 'sys_newfstatat' function.
The vulnerability has been fixed in the official Linux kernel repository. Users should upgrade to the latest stable version of the Linux kernel to address this issue.
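The kind of position check described above, as an added example; it is not the kernel's patch, and the function names and sample bytes are constructed for illustration. It walks a function's text from its first instruction using the RISC-V length encoding and accepts a probe offset only if it lands on an instruction boundary; beyond the 'C'-disabled case in the reproduction steps, it also handles 16-bit compressed instructions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RISC-V length encoding: a 16-bit parcel whose low two bits are 0b11
 * starts a 32-bit instruction; any other value is a 16-bit compressed one. */
static size_t insn_len(uint16_t first_parcel)
{
    return (first_parcel & 0x3) == 0x3 ? 4 : 2;
}

/* Hypothetical helper: return 1 if byte offset `off` into the function text
 * `code` (`size` bytes, little-endian) is the first byte of a complete
 * instruction, 0 otherwise. The walk always starts at the function entry,
 * which is a known-good boundary. */
int probe_offset_is_valid(const uint8_t *code, size_t size, size_t off)
{
    size_t pos = 0;

    while (pos <= off && pos + 2 <= size) {
        size_t len = insn_len((uint16_t)(code[pos] | (code[pos + 1] << 8)));

        if (len > size - pos)
            return 0;   /* instruction runs past the end of the text */
        if (pos == off)
            return 1;   /* off is exactly an instruction start */
        pos += len;     /* step to the next boundary */
    }
    return 0;           /* stepped over off, or off is out of range */
}

/* Constructed sample, no compressed instructions:
 * addi sp,sp,-16 ; sd ra,8(sp) ; ret */
static const uint8_t nocomp[] = { 0x13, 0x01, 0x01, 0xff, 0x23, 0x34, 0x11, 0x00,
                                  0x67, 0x80, 0x00, 0x00 };
/* Constructed sample with a compressed first instruction:
 * c.addi sp,-16 ; sd ra,8(sp) ; ret */
static const uint8_t mixed[] = { 0x41, 0x11, 0x23, 0x34, 0x11, 0x00,
                                 0x67, 0x80, 0x00, 0x00 };

int main(void)
{
    for (size_t off = 0; off <= sizeof(nocomp); off += 2)
        printf("nocomp+%zu: %s\n", off,
               probe_offset_is_valid(nocomp, sizeof(nocomp), off) ? "ok" : "reject");
    return 0;
}
```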