Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's handling of memory initialization for certain boards, particularly those based on the Ramips platform, has been addressed. The function 'early_init_dt_scan_memory' always returned 0, so it neither reported whether memory had been detected nor allowed subsequent memory setup processes to proceed. This oversight led to kernel panics during early boot on affected devices, such as the Cudy X6, which rely on a specific memory detection mechanism. The vulnerability has been resolved by modifying the memory scanning function to accurately reflect whether memory has been found, thereby restoring proper initialization procedures.
The vulnerability could cause a kernel panic during the boot process, disrupting system startup and potentially leading to a denial of service.
The vulnerability can be reproduced on Linux kernel versions prior to the patch, on devices that use the Ramips platform and depend on the 'soc_info.mem_detect' function for memory initialization. When such a device is booted, it will fail to allocate the necessary memory, resulting in a kernel panic with an error message indicating the failure to allocate memory.
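The return-value problem described above, as an added user-space model in C (not kernel source and not the patch itself). All `model_*` names and the memory sizes are constructed, and the caller that treats a 0 result as "done" is an assumption about how the platform code consumed the result.

```c
#include <stdio.h>
/* Constructed user-space model, not kernel source. */
struct model_dt { int has_memory_node; unsigned long mem_size; };
static unsigned long registered_mem;   /* stands in for memory known to the boot allocator */

/* Hypothetical stand-in for a soc_info.mem_detect probe: finds 64 MiB. */
static void model_mem_detect(void) { registered_mem += 64UL << 20; }

/* Before the fix: result is always 0, whether or not memory was found. */
static int model_scan_old(const struct model_dt *dt)
{
    if (dt->has_memory_node)
        registered_mem += dt->mem_size;
    return 0;
}

/* After the fix: 1 if memory was found, 0 otherwise. */
static int model_scan_fixed(const struct model_dt *dt)
{
    int found = dt->has_memory_node != 0;
    if (found)
        registered_mem += dt->mem_size;
    return found;
}

/* Assumed caller: treats 0 as "done", so the fallback below is unreachable. */
unsigned long model_setup_old(const struct model_dt *dt)
{
    registered_mem = 0;
    if (!model_scan_old(dt))
        return registered_mem;
    model_mem_detect();
    return registered_mem;
}

/* Caller paired with the fixed scan: falls back only when nothing was found. */
unsigned long model_setup_fixed(const struct model_dt *dt)
{
    registered_mem = 0;
    if (!model_scan_fixed(dt))
        model_mem_detect();
    return registered_mem;
}

int main(void)
{
    struct model_dt no_mem = { 0, 0 };  /* board whose device tree has no memory node */
    printf("old: %lu, fixed: %lu\n", model_setup_old(&no_mem), model_setup_fixed(&no_mem));
    return 0;
}
```

With no memory node in the model device tree, the old path registers nothing, which corresponds to the failed allocation at early boot, while the fixed path reaches the fallback probe.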
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched.