Linux Kernel KASAN Check Bypass Vulnerability in RISC-V Stack Unwinding

Vulnerability

A defect in the Linux kernel's RISC-V stack unwinder (arch/riscv/kernel/stacktrace.c) causes the Kernel Address Sanitizer (KASAN) to emit false stack-out-of-bounds reports when the unwinder walks the stack of a task other than current. The unwinder follows the frame-pointer chain and reads each saved fp/ra record from the target task's stack; those reads are instrumented like any other load, and because KASAN checks were not disabled for a walk of a non-current task, memory that KASAN regards as poisoned on that stack is reported as an out-of-bounds access even though the unwinder is written to tolerate it. Affected kernels are in the Linux stable tree before the fix.

Impact

This is a correctness problem in a debugging facility rather than a memory-safety bug: the spurious report appears on a KASAN-enabled RISC-V kernel whenever something unwinds another task, for example reading /proc/<pid>/stack, the sysrq show-state (t) dump or the hung-task detector, and the underlying accesses are benign. The cost is misleading diagnostics: false reports can be mistaken for, or bury, genuine errors during debugging or memory-error analysis, and on a system booted with kasan.fault=panic a false report halts the machine.

Reproduction

On a RISC-V kernel built with CONFIG_KASAN, trigger an unwind of a task other than the caller, for example `cat /proc/<pid>/stack` as root for a sleeping process, or `echo t > /proc/sysrq-trigger`. An unpatched kernel prints a KASAN stack-out-of-bounds report whose faulting access comes from the unwinder itself rather than from a genuine out-of-bounds access; a patched kernel prints the backtrace without a report.

Remediation

The stable tree fixes this by turning off KASAN checks for the duration of the frame walk when the task being unwound is not current (the kernel's standard mechanism for this is the kasan_disable_current()/kasan_enable_current() pair around the walk); unwinding current remains fully instrumented, so the change does not weaken KASAN for any access the unwinder makes to its own stack. Upgrade to a stable release that contains the fix. Until then, a stack-out-of-bounds report whose faulting access comes from the unwinder while it walks another task should be treated as a likely false positive rather than as a memory error.
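To make the failure mode and the shape of the fix concrete, here is an added user-space model written for this page; it is not kernel code and not part of the advisory. It walks a constructed task stack with a byte shadow standing in for KASAN's shadow memory, a depth counter standing in for current->kasan_depth, and an unwind wrapper that switches checks off only for a non-current task. The function names mirror the kernel API (walk_stackframe, kasan_disable_current, kasan_enable_current); that the RISC-V fix uses exactly that pair is an assumption here, as are the three-frame sample layout and the poisoned redzone placed over one record. The corrupt_fp case shows the caveat a reviewer wants: disabling KASAN checks for the walk does not remove the unwinder's own bounds check on fp.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RISC-V frame record; walk_stackframe() reads it from fp - sizeof(*frame). */
struct stackframe {
	uintptr_t fp;   /* caller's frame pointer, 0 ends the chain */
	uintptr_t ra;   /* return address into the caller */
};

#define STACK_WORDS 64

struct task {
	uintptr_t stack[STACK_WORDS];
	uint8_t shadow[STACK_WORDS * sizeof(uintptr_t)];   /* stand-in for KASAN shadow: nonzero = poisoned */
	bool is_current;
};

struct unwind_result { int frames, reports; };

static int kasan_depth, kasan_reports;   /* current->kasan_depth stand-in (checks skipped while > 0), splat count */

static void kasan_disable_current(void) { kasan_depth++; }
static void kasan_enable_current(void) { kasan_depth--; }

/* Emulates KASAN's per-load check; like kasan.fault=report it reports, then lets the access proceed. */
static void kasan_check_read(const struct task *t, uintptr_t addr, size_t n)
{
	size_t off = addr - (uintptr_t)t->stack, i;
	if (kasan_depth > 0)
		return;
	for (i = 0; i < n; i++)
		if (t->shadow[off + i]) {
			kasan_reports++;
			fprintf(stderr, "KASAN: stack-out-of-bounds read at stack+%zu\n", off + i);
			return;
		}
}

/* The unwinder's own sanity check, independent of KASAN: record inside the stack, fp aligned. */
static bool frame_in_stack(const struct task *t, uintptr_t fp)
{
	uintptr_t base = (uintptr_t)t->stack;
	return fp >= base + sizeof(struct stackframe) && fp <= base + sizeof(t->stack) && !(fp & 7);
}

/* Modelled on walk_stackframe() in arch/riscv/kernel/stacktrace.c. */
static int walk_stackframe(const struct task *t, uintptr_t fp, uintptr_t *ra_out, int max)
{
	int depth = 0;
	while (fp && depth < max && frame_in_stack(t, fp)) {
		const struct stackframe *frame = (const struct stackframe *)fp - 1;
		kasan_check_read(t, (uintptr_t)frame, sizeof(*frame));
		ra_out[depth++] = frame->ra;
		fp = frame->fp;
	}
	return depth;
}

/* Shape of the fix: checks go off only for another task's stack; current stays instrumented. */
static int unwind_task(const struct task *t, uintptr_t fp, uintptr_t *ra_out, int max, bool patched)
{
	int n;
	if (patched && !t->is_current)
		kasan_disable_current();
	n = walk_stackframe(t, fp, ra_out, max);
	if (patched && !t->is_current)
		kasan_enable_current();
	return n;
}

/* Constructed sample: a task asleep in C, chain C (fp = &stack[32]) -> B (fp = &stack[48])
 * -> A (fp = &stack[64]), each record just below its fp. A poisoned redzone over
 * stack[44..47] overlaps B's record: the stand-in for poison met on a stack not our own. */
static uintptr_t build_sample_task(struct task *t, bool is_current)
{
	uintptr_t *s = t->stack;
	memset(t, 0, sizeof(*t));
	t->is_current = is_current;
	s[62] = 0;                 s[63] = 0xA1;   /* A: end of chain */
	s[46] = (uintptr_t)&s[64]; s[47] = 0xB2;   /* B -> A */
	s[30] = (uintptr_t)&s[48]; s[31] = 0xC3;   /* C -> B */
	memset(&t->shadow[44 * sizeof(uintptr_t)], 0xF2, 4 * sizeof(uintptr_t));
	return (uintptr_t)&s[32];  /* fp saved when C went to sleep */
}

/* Unwinds the sample task. With corrupt_fp, B's saved fp points outside the stack,
 * so the unwinder's own check must stop the walk even with KASAN checks off. */
static struct unwind_result run_sample(bool patched, bool is_current, bool corrupt_fp)
{
	struct task t;
	uintptr_t ra[8], fp = build_sample_task(&t, is_current);
	int frames;
	if (corrupt_fp)
		t.stack[46] = 0x1000;
	kasan_depth = kasan_reports = 0;
	frames = unwind_task(&t, fp, ra, 8, patched);
	return (struct unwind_result){ frames, kasan_reports };
}
```

Unpatched, the walk over the non-current task records one stack-out-of-bounds splat on frame B's record while still returning all three frames; patched, it records none for the same walk, and the same walk over current keeps reporting, which is the property the fix must preserve. The model reports and continues, as the kernel does under the default kasan.fault=report; under kasan.fault=panic the first false report would instead take the machine down. With the corrupted saved fp the patched walk stops after two frames on the unwinder's own bounds check, showing that the fix bypasses only KASAN's instrumentation, not the unwinder's validation of the chain.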

Added: Dec 16, 2025, 5:22 PM
Updated: Dec 16, 2025, 5:22 PM

Vulnerability Rating

Custom Algorithm
metric          score
spread          9.0
impact          0.6
exploitability  4.3
remediation     7.7
relevance       1.4
threat          4.8
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.