PT-2025-31089 · Linux · Linux Kernel

Published: 2025-07-28 · Updated: 2025-07-28 · CVE-2025-38493

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions:

Linux kernel versions prior to 6.15.3-200.fc42

Description:

A flaw exists in the Linux kernel’s `timerlat_dump_stack()` function within the tracing/osnoise subsystem. The issue stems from an incorrect order of operations when constructing the ftrace stack entry, specifically related to the `memcpy` function and the `__counted_by(size)` marker. This can lead to a kernel panic due to a buffer overflow when the `size` field contains garbage data, potentially zero, triggering an out-of-bounds write.
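A user-space C model of the ordering problem described above, added here as an illustration and not the kernel's own code. `entry_model`, `checked_copy`, `reserve_slot` and the two `fill_*` functions are hypothetical names, and the explicit bounds check stands in for a checked `memcpy` that takes its limit from the `__counted_by(size)` field.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical user-space model of a trace entry whose flexible array is
 * bounded by its own size field, the role __counted_by(size) plays. */
struct entry_model {
    int size;               /* number of valid slots in caller[] */
    unsigned long caller[]; /* bounded by size */
};

/* Models the bounds-checked memcpy: the limit is whatever e->size holds at
 * copy time. Returns -1 where the kernel check would report an overflow. */
static int checked_copy(struct entry_model *e, const unsigned long *src, int n)
{
    if (n < 0 || n > e->size) return -1;
    memcpy(e->caller, src, (size_t)n * sizeof(*src));
    return 0;
}

/* Models a reserved buffer slot: room for nr entries, but the size field
 * still holds a leftover value (stale_size is constructed sample data). */
static struct entry_model *reserve_slot(int nr, int stale_size)
{
    struct entry_model *e = malloc(sizeof(*e) + (size_t)nr * sizeof(unsigned long));
    if (e) e->size = stale_size;
    return e;
}

/* Problem order: copy first, set size afterwards. */
int fill_copy_then_size(const unsigned long *calls, int nr, int stale_size)
{
    struct entry_model *e = reserve_slot(nr, stale_size);
    if (!e) return -2;
    int rc = checked_copy(e, calls, nr); /* bound is still the stale value */
    e->size = nr;
    free(e);
    return rc;
}

/* Corrected order: size is valid before the bounds-checked copy runs. */
int fill_size_then_copy(const unsigned long *calls, int nr, int stale_size)
{
    struct entry_model *e = reserve_slot(nr, stale_size);
    if (!e) return -2;
    e->size = nr;
    int rc = checked_copy(e, calls, nr);
    free(e);
    return rc;
}
```

In this model a stale value that happens to be large enough lets the copy-first order pass, so the defect only surfaces for some leftover contents, zero among them.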

Recommendations:

Linux kernel versions prior to 6.15.3-200.fc42: Update to version 6.15.3-200.fc42 or a later version to address this issue.

Related Identifiers

CVE-2025-38493

Affected Products

Linux Kernel