Stack Protection Vulnerability in Linux Kernel by Linux Foundation
CVE-2023-53491
What is CVE-2023-53491?
A vulnerability has been identified in the Linux kernel related to the stack protection feature, specifically the omission of stack protectors on a per-function basis. The issue arose because callers of the 'boot_init_stack_canary' function did not use the function attribute 'no_stack_protector'. This oversight can result in a discrepancy in the canary stored in the caller's stack slot, leading to potential security risks. Now that GCC-11 supports the necessary function attribute, developers should make sure their implementations use it to maintain security integrity.
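The discrepancy described above, as an added example that is not part of the original advisory or of the kernel source: a portable C model in which a caller copies the guard into its frame, the guard is replaced while that frame is live, and the epilogue comparison is evaluated. All `model_*` and `DEMO_*` names and the guard constants are hypothetical; only `boot_init_stack_canary`, `no_stack_protector` and `__stack_chk_fail` are real names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Real attribute where the compiler has it (GCC 11 and later, Clang). */
#if defined(__has_attribute)
#  if __has_attribute(no_stack_protector)
#    define DEMO_NO_STACK_PROTECTOR __attribute__((no_stack_protector))
#  endif
#endif
#ifndef DEMO_NO_STACK_PROTECTOR
#  define DEMO_NO_STACK_PROTECTOR /* unavailable: build with -fno-stack-protector */
#endif

/* Model of the guard value that instrumented prologues copy into their frame. */
static uintptr_t model_guard = 0x5a5a5a5aUL;

/* Model of boot_init_stack_canary(): installs a different guard (constructed value). */
static void model_boot_init_stack_canary(void) { model_guard ^= 0x9e3779b9UL; }

/* One modelled frame: only instrumented functions have a canary slot. */
struct model_frame { bool instrumented; uintptr_t canary_slot; };

static void model_prologue(struct model_frame *f, bool instrumented)
{
    f->instrumented = instrumented;
    f->canary_slot = instrumented ? model_guard : 0;
}

/* Epilogue check; false marks where generated code would call __stack_chk_fail(). */
static bool model_epilogue_ok(const struct model_frame *f)
{
    return !f->instrumented || f->canary_slot == model_guard;
}

/* A caller of the init routine: does its own epilogue check still pass? */
DEMO_NO_STACK_PROTECTOR /* placement of the attribute on such a caller */
bool caller_returns_cleanly(bool caller_instrumented)
{
    struct model_frame frame;
    model_prologue(&frame, caller_instrumented);
    model_boot_init_stack_canary(); /* guard changes while this frame is live */
    return model_epilogue_ok(&frame);
}

int main(void)
{
    printf("instrumented caller ok: %d\n", caller_returns_cleanly(true));
    printf("no_stack_protector caller ok: %d\n", caller_returns_cleanly(false));
    return 0;
}
```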
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 25e73018b4093e0cfbcec5dc4a4bb86d0b69ed56
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 514ca14ed5444b911de59ed3381dfd195d99fe4b
Linux 6.4.4 <= 6.4.*