Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's PowerPC text patching process has been identified, which leads to a KASAN (Kernel Address Sanitizer) error. This issue arises because the text patching area is incorrectly flagged as VM_ALLOC, allowing out-of-bounds memory access. The vulnerability was discovered while booting a PowerMac G4 with a KASAN-enabled kernel, version 6.13-rc6. The KASAN report indicated a 'vmalloc-out-of-bounds' error, caused by the 'chronyd' task writing to an uninitialized virtual memory area that should not have been accessed. The problem stems from the PowerPC text patching infrastructure improperly managing memory allocation flags, which went unnoticed until KASAN was enabled.
Exploitation of this vulnerability causes a KASAN vmalloc-out-of-bounds error, indicating a write operation to an invalid memory area, which can lead to memory corruption or unauthorized access to kernel memory.