Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the ARM SCMI Powercap driver of the Linux kernel can lead to a kernel stack overflow. The driver processes a hierarchical tree of powercap zones, which the platform can return in no particular order. The affected implementation registers zones from the root to the leaves using a recursive algorithm; this is functionally correct, but with a particularly high tree the recursion can overflow the kernel stack. The fix changes the registration process to an iterative approach that uses a dynamically allocated stack-like data structure, preventing the overflow.
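The iterative registration pattern described above, as an added userspace example (not the kernel driver's code). `struct zone`, `register_zones` and `NO_PARENT` are hypothetical names, the sample zones are constructed, and the rejection of cycles and out-of-range parents goes beyond what the advisory states.

```c
#include <stdlib.h>
#define NO_PARENT (-1)

/* Hypothetical zone record; parent is an index into the same array. */
struct zone {
    int parent;     /* NO_PARENT for a root zone */
    int registered; /* set once the zone has been registered */
};

/*
 * Register zones so every parent precedes its children; order[] records the
 * sequence. Deferred zones sit in a heap array, so tree height costs heap
 * memory rather than call-stack frames. Returns the count, or -1 on error.
 */
int register_zones(struct zone *z, int n, int *order)
{
    int sp = 0, done = 0;
    int *stack = calloc(n > 0 ? (size_t)n : 1, sizeof(*stack));

    if (!stack)
        return -1;
    for (int i = 0; i < n; i++) {
        /* Walk up from zone i, deferring each unregistered ancestor. */
        for (int cur = i; cur != NO_PARENT && !z[cur].registered; cur = z[cur].parent) {
            int p = z[cur].parent;
            /* Reject out-of-range parents and cycles (chain longer than n). */
            if (sp == n || (p != NO_PARENT && (p < 0 || p >= n))) {
                free(stack);
                return -1;
            }
            stack[sp++] = cur;
        }
        /* Unwind: the top of the stack is the zone closest to the root. */
        while (sp > 0) {
            int cur = stack[--sp];
            z[cur].registered = 1; /* stand-in for the real registration call */
            order[done++] = cur;
        }
    }
    free(stack);
    return done;
}

int main(void)
{
    /* Constructed input: leaf-first chain 0 -> 1 -> 2 -> 3 (root). */
    struct zone z[4] = { {1, 0}, {2, 0}, {3, 0}, {NO_PARENT, 0} };
    int order[4];
    return register_zones(z, 4, order) == 4 && order[0] == 3 ? 0 : 1;
}
```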
The vulnerability can cause a kernel stack overflow, potentially leading to arbitrary code execution or a system crash.
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the latest kernel version can be found on the official Linux kernel website.