Linux Kernel Streaming SVE Context Restoration Vulnerability on ARM64

A vulnerability in the Linux kernel's handling of the Scalable Vector Extension (SVE) signal context on ARM64 architecture can lead to out-of-bounds memory reads or premature termination of tasks. This issue arises when the SVE signal context is improperly restored, particularly in scenarios involving user-space modifications or the context of other tasks. The flaw can cause the kernel to read invalid memory areas, potentially triggering fatal faults, or terminate the task with a SIGKILL signal. The vulnerability is linked to the restoration process of the SVE context when certain flags are set or cleared, leading to inconsistencies that can be exploited under specific conditions.

Impact

The vulnerability can cause tasks to be killed with a SIGKILL signal after a period of user-space execution, or to experience out-of-bounds memory reads that could trigger a fatal fault.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux kernel's official website.