Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Off-By-One Vulnerability in Section Executability Check

Vulnerability

A vulnerability in the Linux kernel's handling of section executability has been addressed. The issue was an off-by-one error in the 'is_executable_section' function, which could lead to an out-of-bounds array access. This vulnerability was present in the Linux kernel stable tree.

Impact

The vulnerability could cause out-of-bounds array access, potentially leading to memory corruption or other unintended behavior.

Reproduction

The vulnerability can be reproduced by modifying the 'is_executable_section' function in the 'scripts/mod/modpost.c' file. The original comparison of 'section_index > elf->num_sections' should be changed to 'section_index >= elf->num_sections' to correct the off-by-one error. This modification can be committed to the Linux kernel stable repository.

Remediation

Users can apply the available patch by downloading the latest version of the Linux kernel from the Linux kernel stable Git repository.

Added: Sep 18, 2025, 2:50 PM
Updated: Sep 18, 2025, 2:50 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
0.6
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.