CVE-2023-53742

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.15.78-android13-8-g63561175bbda-dirty through 5.15.78-android13-8-g63561175bbda-dirty

Description The Linux kernel contained an issue in kcsan where the use of READ ONCE() in read instrumented memory() could lead to a kernel paging request, specifically an alignment fault, on certain arm64 configurations. This occurred because READ ONCE() was promoted to a full atomic acquire instruction which is not supported on unaligned addresses. The issue was triggered by an inability to handle a kernel paging request at a specific virtual address, resulting in an internal error and a system crash. The fix avoids the use of READ ONCE() in read instrumented memory() by casting to a volatile type, ensuring the compiler performs the necessary access.

Recommendations Update to a newer version of the Linux kernel that contains the fix for this vulnerability.