CVE-2023-53224

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 15/09/2025
Last modified: 15/09/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: Fix function prototype mismatch for ext4_feat_ktype

With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed.

ext4_feat_ktype was setting the "release" handler to "kfree", which doesn't have a matching function prototype. Add a simple wrapper with the correct prototype.

This was found as a result of Clang's new -Wcast-function-type-strict flag, which is more sensitive than the simpler -Wcast-function-type, which only checks for type width mismatches.

Note that this code is only reached when ext4 is a loadable module and it is being unloaded:

    CFI failure at kobject_put+0xbb/0x1b0 (target: kfree+0x0/0x180; expected type: 0x7c4aa698)
    ...
    RIP: 0010:kobject_put+0xbb/0x1b0
    ...
    Call Trace:
    ext4_exit_sysfs+0x14/0x60 [ext4]
    cleanup_module+0x67/0xedb [ext4]
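The prototype mismatch described above, modeled in userspace C as an added example (this is not the kernel patch and not code from this advisory). The names model_kfree, feat_release, checked_release, tags and try_release are hypothetical, and the tag table is an assumed stand-in for the per-function type hash that kCFI compares at an indirect call site.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model constructed for illustration, not kernel source. */
struct kobject { int refcount; };
typedef void (*release_fn)(struct kobject *);   /* what kobj_type.release expects */
typedef void (*generic_fn)(void);               /* neutral type for comparing addresses */
struct kobj_type { release_fn release; };
static int freed;                               /* objects actually released */

/* Same parameter shape as kfree(const void *). */
static void model_kfree(const void *p) { free((void *)p); freed++; }
/* Wrapper whose prototype matches the release handler. */
static void feat_release(struct kobject *kobj) { model_kfree(kobj); }

/* Assumed stand-in for kCFI's per-function type hash. */
enum proto { PROTO_CONST_VOIDP, PROTO_KOBJECT };
static const struct { generic_fn fn; enum proto proto; } tags[] = {
    { (generic_fn)model_kfree,  PROTO_CONST_VOIDP },
    { (generic_fn)feat_release, PROTO_KOBJECT },
};

/* Type-checked indirect call: 0 on success, -1 where kCFI would trap. */
static int checked_release(const struct kobj_type *kt, struct kobject *kobj)
{
    for (size_t i = 0; i < sizeof tags / sizeof tags[0]; i++)
        if (tags[i].fn == (generic_fn)kt->release && tags[i].proto == PROTO_KOBJECT) {
            kt->release(kobj);
            return 0;
        }
    return -1;                                  /* mismatched target is never called */
}

static const struct kobj_type cast_ktype    = { (release_fn)model_kfree }; /* before */
static const struct kobj_type wrapper_ktype = { feat_release };            /* after  */

static int try_release(const struct kobj_type *kt)
{
    struct kobject *k = calloc(1, sizeof *k);
    if (!k) return -2;
    int rc = checked_release(kt, k);
    if (rc) free(k);                            /* model cleanup only */
    return rc;
}

int main(void)
{
    int before = try_release(&cast_ktype), after = try_release(&wrapper_ktype);
    printf("cast handler: %d, wrapper handler: %d\n", before, after);
    return 0;
}
```

The cast compiles without a diagnostic under default warning levels, which is why the mismatch only surfaced with -Wcast-function-type-strict or as a run-time CFI failure.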

Impact