CVE-2024-43843

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an out-of-bounds problem when preparing a trampoline image in the Linux kernel, specifically affecting the riscv and bpf components. The im argument is inconsistent between the dry run and real patch phases, potentially causing the emit imm function in RV64 to generate a different number of instructions when creating the 'im' address. This inconsistency may lead to out-of-bounds issues. The problem is resolved by emitting the maximum number of instructions for the "im" address during the dry run.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.