Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
The Linux kernel's handling of Indirect Branch Tracking (IBT) is vulnerable when the kernel runs in a Hyper-V virtual machine with ConfigVersion 9.3 or later. Current Hyper-V versions do not include the required ENDBR64 instruction at the beginning of the hypercall page. Because of this omission, hypercall attempts fail and the Linux kernel panics. A fix that adds the missing ENDBR64 instruction is being developed; until then, the Linux kernel can be modified to disable IBT when the hypercall page is not properly configured. The issue affects the Linux kernel in Hyper-V environments where IBT is supported but does not function correctly because of the missing instruction.
Enabling IBT on a Hyper-V VM without the proper hypercall page configuration causes all hypercall attempts to fail, resulting in a kernel panic.
The vulnerability can be reproduced by creating a Hyper-V virtual machine with ConfigVersion 9.3 or later and enabling Indirect Branch Tracking. Without the ENDBR64 instruction at the start of the hypercall page, all hypercall attempts will fail, causing the Linux kernel to panic.
The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the fix.
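The mitigation described above, disabling IBT when the hypercall page does not begin with ENDBR64, can be modelled in user space. This is an added example, not the kernel's own patch: `ibt_policy`, `starts_with_endbr64` and both sample pages are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ENDBR64 is encoded as F3 0F 1E FA. With IBT active, an indirect CALL/JMP
 * must land on this instruction or the CPU raises a control-protection fault. */
static const uint8_t ENDBR64[4] = { 0xF3, 0x0F, 0x1E, 0xFA };

enum ibt_decision { IBT_UNSUPPORTED, IBT_KEEP, IBT_DISABLE };

/* True only when the buffer is long enough and begins with ENDBR64. */
static int starts_with_endbr64(const uint8_t *page, size_t len)
{
    return page != NULL && len >= sizeof(ENDBR64) &&
           memcmp(page, ENDBR64, sizeof(ENDBR64)) == 0;
}

/* Hypothetical policy helper: keep IBT only if the hypercall page is a valid
 * indirect-branch target; otherwise run without IBT instead of panicking. */
static enum ibt_decision ibt_policy(int cpu_has_ibt,
                                    const uint8_t *hc_page, size_t len)
{
    if (!cpu_has_ibt)
        return IBT_UNSUPPORTED;
    return starts_with_endbr64(hc_page, len) ? IBT_KEEP : IBT_DISABLE;
}

/* Constructed sample pages (not dumps of a real Hyper-V hypercall page). */
static const uint8_t page_with_endbr[] =
    { 0xF3, 0x0F, 0x1E, 0xFA, 0x0F, 0x01, 0xC1, 0xC3 };
static const uint8_t page_without_endbr[] =
    { 0x0F, 0x01, 0xC1, 0xC3, 0x90, 0x90, 0x90, 0x90 };

int main(void)
{
    static const char *names[] = { "IBT unsupported", "keep IBT", "disable IBT" };

    printf("page with ENDBR64:    %s\n",
           names[ibt_policy(1, page_with_endbr, sizeof(page_with_endbr))]);
    printf("page without ENDBR64: %s\n",
           names[ibt_policy(1, page_without_endbr, sizeof(page_without_endbr))]);
    printf("truncated page:       %s\n",
           names[ibt_policy(1, page_with_endbr, 3)]);
    return 0;
}
```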