Colm Harrington

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A softlockup issue in the Linux kernel has been identified, specifically in the bpf (Berkeley Packet Filter) component. This issue occurs on aarch64 kernels with a page size of 64KB, where arena htab tests cause a segmentation fault and soft lockup. The problem arises when `arena map free()` calls `apply to existing page range()` with an unaligned address, leading to a soft lockup. The issue is not observed with 4k pages on aarch64. Recommendations: As a temporary workaround, consider disabling the `arena map free()` function until a patch is available. To fix the issue, round up `GUARD SZ` to `PAGE SIZE << 1` so that the division by 2 in `bpf arena get kern vm start()` returns a page-aligned value. At the moment, there is no information about a newer version that contains a fix for this vulnerability.