CVE-2023-52978: riscv: kprobe: Fixup kernel panic when probing an illegal position
First published: Thu Mar 27 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: riscv: kprobe: Fixup kernel panic when probing an illegal position The kernel would panic when probed for an illegal position. eg: (CONFIG_RISCV_ISA_C=n) echo 'p:hello kernel_clone+0x16 a0=%a0' >> kprobe_events echo 1 > events/kprobes/hello/enable cat trace Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: __do_sys_newfstatat+0xb8/0xb8 CPU: 0 PID: 111 Comm: sh Not tainted 6.2.0-rc1-00027-g2d398fe49a4d #490 Hardware name: riscv-virtio,qemu (DT) Call Trace: [<ffffffff80007268>] dump_backtrace+0x38/0x48 [<ffffffff80c5e83c>] show_stack+0x50/0x68 [<ffffffff80c6da28>] dump_stack_lvl+0x60/0x84 [<ffffffff80c6da6c>] dump_stack+0x20/0x30 [<ffffffff80c5ecf4>] panic+0x160/0x374 [<ffffffff80c6db94>] generic_handle_arch_irq+0x0/0xa8 [<ffffffff802deeb0>] sys_newstat+0x0/0x30 [<ffffffff800158c0>] sys_clone+0x20/0x30 [<ffffffff800039e8>] ret_from_syscall+0x0/0x4 ---[ end Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: __do_sys_newfstatat+0xb8/0xb8 ]--- That is because the kprobe's ebreak instruction broke the kernel's original code. The user should guarantee the correction of the probe position, but it couldn't make the kernel panic. This patch adds arch_check_kprobe in arch_prepare_kprobe to prevent an illegal position (Such as the middle of an instruction).
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel | >=5.12<5.15.93 | |
| Linux Kernel | >=5.16<=6.1.11 | |
| Linux Kernel | =6.2-rc1 | |
| Linux Kernel | =6.2-rc2 | |
| Linux Kernel | =6.2-rc3 | |
| Linux Kernel | =6.2-rc4 | |
| Linux Kernel | =6.2-rc5 | |
| Linux Kernel | =6.2-rc6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-52978?
CVE-2023-52978 has a high severity due to the potential for kernel panic, impacting system stability.
How do I fix CVE-2023-52978?
To fix CVE-2023-52978, update to the latest version of the Linux kernel that addresses this vulnerability.
What software is affected by CVE-2023-52978?
CVE-2023-52978 affects the Linux kernel, particularly on systems utilizing the RISC-V architecture.
What are the potential impacts of CVE-2023-52978?
The potential impacts of CVE-2023-52978 include system crashes caused by kernel panics when probing an illegal position.
When was CVE-2023-52978 published?
CVE-2023-52978 was published on October 31, 2023.
- collector/mitre-cve
- source/MITRE
- agent/description
- agent/first-publish-date
- agent/references
- agent/type
- agent/title
- agent/author
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/remedy
- agent/event
- agent/softwarecombine
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.12
- version/linux kernel/5.16
- version/linux kernel/6.1.11
- version/linux kernel/6.2-rc1
- version/linux kernel/6.2-rc2
- version/linux kernel/6.2-rc3
- version/linux kernel/6.2-rc4
- version/linux kernel/6.2-rc5
- version/linux kernel/6.2-rc6