Memory Access Vulnerability in Linux Kernel Affecting ARM64 Configuration
CVE-2023-53742
What is CVE-2023-53742?
A memory access vulnerability has been identified in the Linux kernel impacting ARM64 configurations. The issue arises from the promotion of the READ_ONCE() operation to a full atomic acquire instruction on certain ARM64 settings. This behavior can lead to errors when processing unaligned addresses, causing potential kernel paging requests and internal errors within the system. The fix entails avoiding the use of READ_ONCE() within the read_instrumented_memory function and ensuring that access is handled correctly through appropriate type casting. Although this adjustment may affect atomicity assurances, the expectation remains that standard loads across most architectures will maintain their atomic properties.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 706ae665747b629bcf87a2d7e6438602f904b8d5
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 75c03a8cfc731519236f08c34c7e029ae153a613
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2