Linux Kernel ChaCha20 Vector Instruction Vulnerability on s390 Architecture

A vulnerability in the Linux kernel's ChaCha20 implementation for the s390 architecture can lead to a kernel crash if vector instructions are not available. The issue arises because a library interface was added for ChaCha20 without verifying if the necessary vector facilities were installed, allowing the code to incorrectly branch into assembler instructions that require these facilities. This vulnerability affects Linux kernel versions 5.19 and later.

Impact

Exploitation of this vulnerability causes a kernel panic, leading to a system crash. The panic occurs because the kernel attempts to terminate the 'init' process, which is critical for system operation, causing a complete system failure.

Reproduction

To reproduce this vulnerability, compile the Linux kernel with the ChaCha20 library interface enabled for the s390 architecture, but without the required vector instructions available. When the kernel is run, it will crash with a data exception error, indicating that the assembler code for ChaCha20 could not be executed properly due to the missing vector facilities.

Remediation

The vulnerability can be addressed by adding a check to ensure that the required vector instructions are available before using the s390-specific ChaCha20 assembler code. This can be done by modifying the ChaCha20 implementation to include a verification step for the necessary facilities.