Daniel Hodges

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a kernel verifier crash in the `stacksafe()` function due to invalid memory access. This occurs when `cur->allocated stack` is less than `old->allocated stack`, causing an out-of-bound access. The crash was reported by Daniel Hodges while working with sched-ext. The vulnerable code is in the `stacksafe()` function, specifically in the condition `if (exact != NOT EXACT && old->stack[spi].slot type[i % BPF REG SIZE] != cur->stack[spi].slot type[i % BPF REG SIZE])`. To fix the issue, an `i >= cur->allocated stack` check should be added to prevent the out-of-bound access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.