CVE-2023-52677: riscv: Check if the code to patch lies in the exit section
Description
In the Linux kernel, the following vulnerability has been resolved:
riscv: Check if the code to patch lies in the exit section
Otherwise we fall through to vmalloc_to_page() which panics since the
address does not lie in the vmalloc region.
Classification
CVE ID: CVE-2023-52677
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 17.81% (scored less or equal to compared to others)
EPSS Date: 2025-02-03 (when was this score calculated)
References
https://git.kernel.org/stable/c/938f70d14618ec72e10d6fcf8a546134136d7c13https://git.kernel.org/stable/c/890cfe5337e0aaf03ece1429db04d23c88da72e7
https://git.kernel.org/stable/c/8db56df4a954b774bdc68917046a685a9fa2e4bc
https://git.kernel.org/stable/c/1d7a03052846f34d624d0ab41a879adf5e85c85f
https://git.kernel.org/stable/c/420370f3ae3d3b883813fd3051a38805160b2b9f