Linux Kernel ARM Kexec Synchronous SMP Stop Call Vulnerability

A vulnerability in the Linux kernel's ARM architecture has been addressed, specifically within the kexec functionality. The issue arose because panic situations triggered by hrtimer interrupts caused all online CPUs to be notified and set offline. This synchronization occurred with interrupts disabled, which is problematic. The vulnerability could lead to improper handling of CPU states during critical timing events, potentially causing system instability or crashes.

Impact

The vulnerability could cause a kernel panic, disrupting system operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by triggering a panic with a hrtimer interrupt while all online CPUs are active. This will cause the system to attempt to set the CPUs offline synchronously, leading to a kernel panic. The issue can be observed in the kernel's SMP (Symmetric Multi-Processing) handling, where function calls from a softirq context can cause unintended disruptions.

Remediation

The vulnerability has been fixed in the Linux kernel stable tree. Users can upgrade to the latest version to address this issue.