fkie_cve-2024-43868
Vulnerability from fkie_nvd
Published
2024-08-21 00:15
Modified
2024-11-14 16:15
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
riscv/purgatory: align riscv_kernel_entry
When alignment handling is delegated to the kernel, everything must be
word-aligned in purgatory, since the trap handler is then set to the
kexec one. Without the alignment, hitting the exception would
ultimately crash. On other occasions, the kernel's handler would take
care of exceptions.
This has been tested on a JH7110 SoC with oreboot and its SBI delegating
unaligned access exceptions and the kernel configured to handle them.
References
Impacted products
| Vendor | Product | Version |
|---|
{ cveTags: [], descriptions: [ { lang: "en", value: "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv/purgatory: align riscv_kernel_entry\n\nWhen alignment handling is delegated to the kernel, everything must be\nword-aligned in purgatory, since the trap handler is then set to the\nkexec one. Without the alignment, hitting the exception would\nultimately crash. On other occasions, the kernel's handler would take\ncare of exceptions.\nThis has been tested on a JH7110 SoC with oreboot and its SBI delegating\nunaligned access exceptions and the kernel configured to handle them.", }, { lang: "es", value: "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv/purgatory: align riscv_kernel_entry Cuando el manejo de la alineación se delega al kernel, todo debe estar alineado por palabras en el purgatorio, ya que el controlador de trampas se establece en kexec. Sin la alineación, alcanzar la excepción finalmente fallaría. En otras ocasiones, el controlador del kernel se encargaría de las excepciones. Esto se probó en un SoC JH7110 con oreboot y su SBI que delegaba excepciones de acceso no alineadas y el kernel configurado para manejarlas.", }, ], id: "CVE-2024-43868", lastModified: "2024-11-14T16:15:19.803", metrics: {}, published: "2024-08-21T00:15:05.150", references: [ { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", url: "https://git.kernel.org/stable/c/10ffafb456f293976c42f700578ef740467cb569", }, { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", url: "https://git.kernel.org/stable/c/5d4aaf16a8255f7c71790e211724ba029609c5ff", }, { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", url: "https://git.kernel.org/stable/c/6e62dab357eea12db0fc62dea94c7a892888e6e8", }, { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", url: "https://git.kernel.org/stable/c/fb197c5d2fd24b9af3d4697d0cf778645846d6d5", }, ], sourceIdentifier: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", vulnStatus: "Awaiting Analysis", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.