| Changed |
Description |
In the Linux kernel, the following vulnerability has been resolved:
xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
EXPORT_SYMBOL and __init is a bad combination because the .init.text
section is freed up after the initialization. Hence, modules cannot
use symbols annotated __init. The access to a freed symbol may end up
with kernel panic.
modpost used to detect it, but it has been broken for a decade.
Recently, I fixed modpost so it started to warn it again, then this
showed up in linux-next builds.
There are two ways to fix it:
- Remove __init
- Remove EXPORT_SYMBOL
I chose the latter for this case because none of the in-tree call-sites
(arch/arm/xen/enlighten.c, arch/x86/xen/grant-table.c) is compiled as
modular.
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
