Linux Kernel RedBoot Partition Table Parser Buffer Overflow Vulnerability

Vulnerability

A buffer overflow vulnerability has been identified in the Linux kernel's MTD (Memory Technology Device) subsystem, specifically within the RedBoot partition table parser. This issue arises when the CONFIG_FORTIFY_SOURCE option is enabled, combined with a recent version of the compiler. The vulnerability was introduced by a previous commit that altered how object sizes are calculated, leading to a legitimate fortify warning about a buffer overflow. The warning indicated that the parser was reading beyond the allocated memory, which could potentially be exploited.

Impact

The buffer overflow may cause a crash or be exploited to execute arbitrary code.

Reproduction

The vulnerability can be reproduced by compiling the Linux kernel with the CONFIG_FORTIFY_SOURCE option enabled, using a recent version of the compiler. Once compiled, the kernel can be booted with a RedBoot partition table that triggers the parser to read beyond the allocated buffer, causing a buffer overflow.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. Instructions for downloading the latest kernel version can be found on the official Linux kernel website.
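
To decide whether a given kernel build matches the conditions described above, the following added example (not part of the original advisory or the kernel project) classifies a kernel config file. It assumes CONFIG_MTD_REDBOOT_PARTS, the Kconfig symbol that builds the RedBoot partition parser and which the advisory does not name; the verdict strings are this script's own.

```shell
#!/bin/sh
# Added example, not from the advisory. Verdict strings are this script's own.

# kconfig_state FILE SYMBOL: print y, m or n. "n" covers "# SYMBOL is not set"
# and a symbol missing from FILE. The "=" anchor keeps SYMBOL from matching a
# longer symbol that merely starts with the same text.
kconfig_state() {
    val=$(sed -n "s/^$2=\([ym]\)\$/\1/p" "$1" | tail -n 1)
    printf '%s\n' "${val:-n}"
}

# redboot_exposure FILE: classify a kernel config.
#   not-built        RedBoot parser is not compiled, the affected code is absent
#   affected-config  parser built (y or m) and FORTIFY_SOURCE on, the
#                    combination the advisory describes
#   parser-only      parser built, FORTIFY_SOURCE off
redboot_exposure() {
    parser=$(kconfig_state "$1" CONFIG_MTD_REDBOOT_PARTS)
    fortify=$(kconfig_state "$1" CONFIG_FORTIFY_SOURCE)
    if [ "$parser" = n ]; then
        echo not-built
    elif [ "$fortify" = y ]; then
        echo affected-config
    else
        echo parser-only
    fi
}

# read_kconfig: write the running kernel's config to stdout from the usual
# locations; returns 1 if neither is readable.
read_kconfig() {
    if [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    elif [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    else
        return 1
    fi
}

# Constructed sample config fragment (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
CONFIG_MTD=y
CONFIG_MTD_REDBOOT_PARTS=m
# CONFIG_MTD_CMDLINE_PARTS is not set
CONFIG_FORTIFY_SOURCE=y
EOF
redboot_exposure "$sample"
rm -f "$sample"
```

On a live host, `read_kconfig > /tmp/kconfig && redboot_exposure /tmp/kconfig` classifies the running kernel.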

Added: Apr 3, 2026, 4:44 PM
Updated: Apr 3, 2026, 4:44 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 7.7
relevance: 5.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.