Hello, Linux kernel built for the s390 architecture(CONFIG_S390) is vulnerable to a crash due to low-address protection exception. It occurs when an application uses a linkage stack instruction. An unprivileged user/application could use this flaw to crash the system resulting in DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/8d7f6690cedb83456edd41c9bd583783f0703bf0 -rw-r--r-- arch/s390/kernel/head64.S 7 1 files changed, 5 insertions, 2 deletions diff --git a/arch/s390/kernel/head64.S b/arch/s390/kernel/head64.S index b9e25ae..d7c0050 100644 --- a/arch/s390/kernel/head64.S +++ b/arch/s390/kernel/head64.S @@ -59,7 +59,7 @@ ENTRY(startup_continue) .quad 0 # cr12: tracing off .quad 0 # cr13: home space segment table .quad 0xc0000000 # cr14: machine check handling off - .quad 0 # cr15: linkage stack operations + .quad .Llinkage_stack # cr15: linkage stack operations .Lpcmsk:.quad 0x0000000180000000 .L4malign:.quad 0xffffffffffc00000 .Lscan2g:.quad 0x80000000 + 0x20000 - 8 # 2GB + 128K - 8 @@ -67,12 +67,15 @@ ENTRY(startup_continue) .Lparmaddr: .quad PARMAREA .align 64 -.Lduct: .long 0,0,0,0,.Lduald,0,0,0 +.Lduct: .long 0,.Laste,.Laste,0,.Lduald,0,0,0 .long 0,0,0,0,0,0,0,0 +.Laste: .quad 0,0xffffffffffffffff,0,0,0,0,0,0 .align 128 .Lduald:.rept 8 .long 0x80000000,0,0,0 # invalid access-list entries .endr +.Llinkage_stack: + .long 0,0,0x89000000,0,0,0,0x8a000000,0 ENTRY(_ehead) Reference: ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=1067558 Thank you. -- Prasad J Pandit / Red Hat Security Response Team