AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NVD-CWE-noinfo

OR
          *cpe:2.3:o:linux:linux_kernel:6.4:rc7:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:6.4:-:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.3.9 up to (excluding) 6.4
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.12.75
          *cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.13 up to (excluding) 6.18.16
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.19 up to (excluding) 6.19.6
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.19.287 up to (excluding) 4.20
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.10.185 up to (excluding) 5.10.252
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.15.118 up to (excluding) 5.15.202
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.4.248 up to (excluding) 5.5
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.1.35 up to (excluding) 6.1.165
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.4.1 up to (excluding) 6.6.128

kernel.org: https://git.kernel.org/stable/c/027797595a108726f4a0a45d225f603b0ffbd22b Types: Patch

kernel.org: https://git.kernel.org/stable/c/1737d37ae1d2814e6cf0a1af87af3d41f0812b95 Types: Patch

kernel.org: https://git.kernel.org/stable/c/36eb314184a0ae74dd42914b47d2b9fc43be8034 Types: Patch

kernel.org: https://git.kernel.org/stable/c/480e1d5c64bb14441f79f2eb9421d5e26f91ea3d Types: Patch

kernel.org: https://git.kernel.org/stable/c/5226570bd252cea2e805a161cb0f75c204c3108a Types: Patch

kernel.org: https://git.kernel.org/stable/c/875355152b33436907c2a6d2ffad1431fa86c62b Types: Patch

kernel.org: https://git.kernel.org/stable/c/cfccd3b8c51bc57a8a6fcb2fd30453afae5bc0d2 Types: Patch

kernel.org: https://git.kernel.org/stable/c/f736032c638a33a243e9126e617788f763d648f9 Types: Patch

In the Linux kernel, the following vulnerability has been resolved:

kexec: derive purgatory entry from symbol

kexec_load_purgatory() derives image->start by locating e_entry inside an
SHF_EXECINSTR section.  If the purgatory object contains multiple
executable sections with overlapping sh_addr, the entrypoint check can
match more than once and trigger a WARN.

Derive the entry section from the purgatory_start symbol when present and
compute image->start from its final placement.  Keep the existing e_entry
fallback for purgatories that do not expose the symbol.

WARNING: kernel/kexec_file.c:1009 at kexec_load_purgatory+0x395/0x3c0, CPU#10: kexec/1784
Call Trace:
 <TASK>
 bzImage64_load+0x133/0xa00
 __do_sys_kexec_file_load+0x2b3/0x5c0
 do_syscall_64+0x81/0x610
 entry_SYSCALL_64_after_hwframe+0x76/0x7e

[[email protected]: move helper to avoid forward declaration, per Baoquan]

https://git.kernel.org/stable/c/027797595a108726f4a0a45d225f603b0ffbd22b

https://git.kernel.org/stable/c/1737d37ae1d2814e6cf0a1af87af3d41f0812b95

https://git.kernel.org/stable/c/36eb314184a0ae74dd42914b47d2b9fc43be8034

https://git.kernel.org/stable/c/480e1d5c64bb14441f79f2eb9421d5e26f91ea3d

https://git.kernel.org/stable/c/5226570bd252cea2e805a161cb0f75c204c3108a

https://git.kernel.org/stable/c/875355152b33436907c2a6d2ffad1431fa86c62b

https://git.kernel.org/stable/c/cfccd3b8c51bc57a8a6fcb2fd30453afae5bc0d2

https://git.kernel.org/stable/c/f736032c638a33a243e9126e617788f763d648f9