Linux Kernel RISC-V KVM Module Removal Vulnerability Leading to IRQ Management Warning

A vulnerability has been identified in the Linux kernel's handling of the KVM (Kernel-based Virtual Machine) module for RISC-V architecture. During the removal of the KVM module, the process incorrectly disables the Advanced Interrupt Architecture (AIA) after exiting AIA management, causing a warning about an IRQ still being enabled. This mismanagement leads to an inconsistent IRQ state, preventing the KVM module from being reinserted. The issue arises in Linux kernel version 6.14.0-rc5.

Impact

The vulnerability causes a denial-of-service condition by leaving an IRQ enabled, which can disrupt normal interrupt handling and processing.

Reproduction

To reproduce this vulnerability, remove the KVM module while it is active. The 'rmmod' command can be used for this purpose. During the removal process, the KVM exit routine will disable the AIA, but because AIA exit is called first, a warning will be generated about an IRQ still being enabled. This warning indicates that the KVM module cannot be reinserted due to the IRQ management issue.