Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's RISC-V architecture has been addressed, concerning the management of the SR_SUM status during thread or task switches. Under heavy load, particularly when the syz-stress tool is active, this issue can lead to kernel crashes. The problem arises because the 'put_user()' function in 'schedule_tail' can inadvertently clear the SR_SUM state, causing a panic. This vulnerability has been resolved by ensuring that the SR_SUM state is properly saved and restored during task switches, allowing for safer use of user access macros without incurring performance costs.
Exploitation of this vulnerability can cause kernel panics, leading to system crashes. The issue disrupts normal task scheduling by improperly handling user memory access, particularly under heavy load conditions.
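The following user-space C model is an added illustration, not code from the kernel or from the fix itself. It shows why a status bit held in a shared register has to be saved and restored per task. The `struct task` layout, the `switch_to` helper and the task interleaving are assumptions made for the model; `SR_SUM` uses the RISC-V `sstatus.SUM` bit value.

```c
#include <stdbool.h>
#include <stdio.h>

#define SR_SUM 0x00040000UL  /* sstatus.SUM: supervisor may access user memory */

static unsigned long sstatus;              /* simulated CSR, shared by all tasks */

struct task { unsigned long saved_sum; };  /* hypothetical per-task save slot */

/* Simulated context switch; save_restore selects fixed vs. unfixed behaviour. */
static void switch_to(struct task *prev, struct task *next, bool save_restore)
{
    if (!save_restore)
        return;                            /* unfixed: CSR state leaks across tasks */
    prev->saved_sum = sstatus & SR_SUM;    /* save the outgoing task's SUM bit */
    sstatus = (sstatus & ~SR_SUM) | next->saved_sum; /* restore the incoming task's */
}

/* A user-memory store only succeeds while SUM is set; otherwise it faults. */
static bool user_store_ok(void) { return (sstatus & SR_SUM) != 0; }

/* Assumed interleaving: task A opens a user-access window and is switched out,
 * task B finishes its own user access (clearing SUM), then A resumes. */
bool run_scenario(bool save_restore)
{
    struct task a = {0}, b = {0};
    sstatus = 0;

    sstatus |= SR_SUM;                 /* A: enable user access */
    switch_to(&a, &b, save_restore);   /* A scheduled out inside the window */

    sstatus |= SR_SUM;                 /* B: its own put_user-style access */
    bool b_ok = user_store_ok();
    sstatus &= ~SR_SUM;                /* B: disable user access when done */

    switch_to(&b, &a, save_restore);   /* A scheduled back in */
    bool a_ok = user_store_ok();       /* A: store faults if SUM was lost */
    sstatus &= ~SR_SUM;
    return a_ok && b_ok;
}

int main(void)
{
    printf("without save/restore: %s\n", run_scenario(false) ? "ok" : "fault");
    printf("with save/restore:    %s\n", run_scenario(true) ? "ok" : "fault");
    return 0;
}
```

In the model, the run without save/restore ends with task A's store faulting, which corresponds to the panic described above; the run with save/restore completes both stores.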