Linux Kernel Out-of-Bounds Vulnerability in Vmemmap Address Calculation on RISC-V

Vulnerability

A vulnerability in the Linux kernel's RISC-V architecture code has been addressed, concerning an out-of-bounds issue in the vmemmap address calculation. In the sparse vmemmap model, the virtual address for vmemmap is derived from VMEMMAP_START and the physical RAM base. However, the kernel initializes struct pages starting from the first page in the same section as the physical RAM base. If this first page's physical address does not align with the expected value, the calculated virtual address can fall below VMEMMAP_START, leading to an out-of-bounds condition. This vulnerability could cause issues during the initialization of unavailable memory ranges, because the virtual addresses of certain struct pages are misaligned.
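
The calculation described above, modeled in user-space C as an added example (not the kernel's code and not taken from this advisory). The constants, the sample RAM base and the helper names are constructed assumptions; the second call derives the bias from the section start instead, shown as one way to keep the result in range.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model values (assumptions, not read from any kernel config). */
#define PAGE_SHIFT        12
#define SECTION_SIZE_BITS 27                      /* 128 MiB sections */
#define PAGES_PER_SECTION (1ULL << (SECTION_SIZE_BITS - PAGE_SHIFT))
#define STRUCT_PAGE_SIZE  64ULL                   /* assumed sizeof(struct page) */
#define VMEMMAP_START     0xffffffc500000000ULL   /* constructed address */

/* First PFN of the memory section that contains 'pfn'. */
static uint64_t section_start_pfn(uint64_t pfn)
{
    return pfn & ~(PAGES_PER_SECTION - 1);
}

/* Model of pfn_to_page(): virtual address of the struct page for 'pfn'
 * when the vmemmap array is biased so that 'base_pfn' maps to VMEMMAP_START.
 * Unsigned wrap-around is intended: pfn < base_pfn yields an address
 * below VMEMMAP_START. */
static uint64_t page_vaddr(uint64_t pfn, uint64_t base_pfn)
{
    return VMEMMAP_START + (pfn - base_pfn) * STRUCT_PAGE_SIZE;
}

/* Bytes by which the first initialized struct page lies below VMEMMAP_START
 * (0 when it is in range). 'base_pfn' is the PFN the bias was derived from. */
static uint64_t underflow_bytes(uint64_t phys_ram_base, uint64_t base_pfn)
{
    uint64_t first = section_start_pfn(phys_ram_base >> PAGE_SHIFT);
    uint64_t va = page_vaddr(first, base_pfn);

    return va < VMEMMAP_START ? VMEMMAP_START - va : 0;
}

int main(void)
{
    uint64_t ram = 0x80200000ULL;   /* constructed: RAM base not section-aligned */
    uint64_t pfn = ram >> PAGE_SHIFT;

    printf("bias from RAM base:      %llu bytes below VMEMMAP_START\n",
           (unsigned long long)underflow_bytes(ram, pfn));
    printf("bias from section start: %llu bytes below VMEMMAP_START\n",
           (unsigned long long)underflow_bytes(ram, section_start_pfn(pfn)));
    return 0;
}
```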

Impact

The vulnerability could lead to incorrect virtual address mappings for struct pages, potentially causing memory access violations or corruption.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.