ghsa-5w7q-hp3j-xm99
Vulnerability from github
Published
2024-08-21 00:30
Modified
2024-11-14 18:30
Details

In the Linux kernel, the following vulnerability has been resolved:

riscv/purgatory: align riscv_kernel_entry

When alignment handling is delegated to the kernel, everything must be word-aligned in purgatory, since the trap handler is then set to the kexec one. Without the alignment, hitting the exception would ultimately crash. On other occasions, the kernel's handler would take care of exceptions. This has been tested on a JH7110 SoC with oreboot and its SBI delegating unaligned access exceptions and the kernel configured to handle them.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-43868"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-21T00:15:05Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv/purgatory: align riscv_kernel_entry\n\nWhen alignment handling is delegated to the kernel, everything must be\nword-aligned in purgatory, since the trap handler is then set to the\nkexec one. Without the alignment, hitting the exception would\nultimately crash. On other occasions, the kernel\u0027s handler would take\ncare of exceptions.\nThis has been tested on a JH7110 SoC with oreboot and its SBI delegating\nunaligned access exceptions and the kernel configured to handle them.",
  "id": "GHSA-5w7q-hp3j-xm99",
  "modified": "2024-11-14T18:30:31Z",
  "published": "2024-08-21T00:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43868"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/10ffafb456f293976c42f700578ef740467cb569"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5d4aaf16a8255f7c71790e211724ba029609c5ff"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6e62dab357eea12db0fc62dea94c7a892888e6e8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fb197c5d2fd24b9af3d4697d0cf778645846d6d5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.