CVE-2026-53346
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
01/07/2026
Última modificación:
01/07/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
rust: arm64: set uwtable llvm module flag for CONFIG_UNWIND_TABLES<br />
<br />
Due to a rustc bug [1] the -Cforce-unwind-tables=y flag only emits the<br />
uwtable annotation for functions, but not for the module. This means<br />
that compiler-generated functions such as &#39;asan.module_ctor&#39; do not<br />
receive the uwtable annotation.<br />
<br />
When CONFIG_UNWIND_PATCH_PAC_INTO_SCS is enabled, this leads to boot<br />
failures because the dwarf information emitted for the kasan<br />
constructors is wrong, which causes the SCS boot patching code to<br />
patch the constructor in an illegal manner. Specifically, the paciasp<br />
instruction is patched, but the autiasp instruction is not. This<br />
mismatch leads to a crash when the constructor is called during boot.<br />
<br />
==================================================================<br />
BUG: KASAN: global-out-of-bounds in do_basic_setup+0x4c/0x90<br />
Read of size 8 at addr ffffffe3cc7eb488 by task swapper/0/1<br />
<br />
Specifically the faulting instruction is the (*fn)() to invoke the<br />
constructor in do_ctors() of the init/main.c file.<br />
<br />
Once the fix lands in rustc, this flag can be made conditional on the<br />
rustc version. Note that passing the flag on a rustc with the fix<br />
present has no effect.<br />
<br />
[ The fix [1] has landed for Rust 1.98.0 (expected release on<br />
2026-08-20).<br />
<br />
Thus add a version check as discussed.<br />
<br />
- Miguel ]<br />
<br />
[ Adjusted link and comment. - Miguel ]



