Discard stale CPU state when handling SVE traps
CVE-2024-50275
What is CVE-2024-50275?
A vulnerability has been identified in the Linux kernel's handling of Scalable Vector Extension (SVE) traps on the ARM64 architecture. The trap-handling logic manipulates the saved Floating Point SIMD (FPSIMD) and SVE state incorrectly, which can lead to a race condition with preemption. As a result of this race, a thread can end up with TIF_SVE set and TIF_FOREIGN_FPSTATE clear even though the live CPU state has become stale while SVE traps are enabled. This can trigger unexpected warnings from the function do_sve_acc() due to improper access to hardware resources, putting system integrity at risk. The kernel's fix ensures that stale CPU state is not reused across context switches: it triggers a state flush that guarantees the latest state is retrieved before user-space execution resumes.
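
The race described above, reduced to a small user-space C model. This is an added illustration, not kernel code: the structs, fields and function names are hypothetical stand-ins for the per-task flags and the per-CPU record of whose register state is live. It assumes the task is migrated to a second CPU and back around the trap handler's update of the saved state.

```c
/* Added model, not kernel code; every name here is a hypothetical stand-in. */
#include <stdbool.h>
#include <stdio.h>

struct task {
    bool tif_sve;      /* models TIF_SVE */
    bool tif_foreign;  /* models TIF_FOREIGN_FPSTATE */
    int  loaded_cpu;   /* CPU whose registers last held this task's state */
};

struct cpu {
    int id;
    const struct task *last_loaded; /* task whose state sits in the registers */
    bool sve_traps_on;              /* live trap control for user-space SVE */
};

/* Context switch in: live registers are trusted only if both records agree. */
static void switch_in(struct cpu *c, struct task *t)
{
    t->tif_foreign = (c->last_loaded != t) || (t->loaded_cpu != c->id);
}

/* Return to user space: reload from memory only when the state is foreign. */
static void return_to_user(struct cpu *c, struct task *t)
{
    if (!t->tif_foreign)
        return;                     /* reuse whatever is live on this CPU */
    c->sve_traps_on = !t->tif_sve;  /* reload derives trap setting from flag */
    c->last_loaded = t;
    t->loaded_cpu = c->id;
    t->tif_foreign = false;
}

/* Returns true if the task resumes with TIF_SVE set but SVE traps still on. */
static bool stale_after_trap(bool flush_after_update)
{
    struct cpu cpu0 = { 0, NULL, true }, cpu1 = { 1, NULL, true };
    struct task t = { false, false, 0 };
    cpu0.last_loaded = &t;          /* the SVE trap is taken on CPU 0 */
    switch_in(&cpu1, &t);           /* preempted, migrated to CPU 1: foreign */
    t.tif_sve = true;               /* handler updates the saved state only */
    if (flush_after_update)
        t.loaded_cpu = -1;          /* the fix: no CPU's registers are trusted */
    switch_in(&cpu0, &t);           /* preempted again, migrated back to CPU 0 */
    return_to_user(&cpu0, &t);
    return t.tif_sve && cpu0.sve_traps_on;
}

int main(void) { printf("unfixed=%d fixed=%d\n", stale_after_trap(false), stale_after_trap(true)); return 0; }
```

In the unfixed path the task's next SVE instruction traps again with TIF_SVE already set, which is the unexpected-trap condition behind the do_sve_acc() warnings.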

Affected Version(s)
Linux cccb78ce89c45a4414db712be4986edfb92434bd < 51d3d80a6dc314982a9a0aeb0961085922a1aa15
Linux cccb78ce89c45a4414db712be4986edfb92434bd
Linux cccb78ce89c45a4414db712be4986edfb92434bd < 51d11ea0250d6ee461987403bbfd4b2abb5613a7