CVE-2023-53491

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> start_kernel: Add __no_stack_protector function attribute<br /> <br /> Back during the discussion of<br /> commit a9a3ed1eff36 ("x86: Fix early boot crash on gcc-10, third try")<br /> we discussed the need for a function attribute to control the omission<br /> of stack protectors on a per-function basis; at the time Clang had<br /> support for no_stack_protector but GCC did not. This was fixed in<br /> gcc-11. Now that the function attribute is available, let&amp;#39;s start using<br /> it.<br /> <br /> Callers of boot_init_stack_canary need to use this function attribute<br /> unless they&amp;#39;re compiled with -fno-stack-protector, otherwise the canary<br /> stored in the stack slot of the caller will differ upon the call to<br /> boot_init_stack_canary. This will lead to a call to __stack_chk_fail()<br /> then panic.