Linux Kernel RISC-V Uprobes Missing Instruction Flush Vulnerability

Vulnerability

A vulnerability in the Linux kernel's RISC-V uprobes implementation has been addressed. It concerns the XOL (execute out-of-line) buffer, into which uprobes copies the replaced instruction so that it can be single-stepped. The RISC-V port did not flush the instruction cache after writing the XOL buffer, so the CPU could fetch stale or corrupted instructions from it. The problem was found while running the BPF self-tests on the Spacemit K1/X60, where the uprobes tests failed at random.

Impact

Because stale or corrupted instructions may be executed from the XOL buffer, the vulnerability can lead to erratic behavior or crashes of the probed process.

Reproduction

The vulnerability can be reproduced by running the BPF self-tests 'test_progs:uprobe_autoattach' and 'attach_probe' on a device using the Spacemit K1/X60 platform.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

  spread          9.0
  impact          3.1
  exploitability  3.8
  remediation     0.0
  relevance       0.0
  threat          4.8
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.