CVE-2023-52990 Information

Mar 28, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

s390: workaround invalid gcc-11 out of bounds read warning

GCC 11.1.0 and 11.2.0 generate a wrong warning when compiling the kernel e.g. with allmodconfig:

arch/s390/kernel/setup.c: In function ‘setup_lowcore_dat_on’: ./include/linux/fortify-string.h:57:33: error: ‘__builtin_memcpy’ reading 128 bytes from a region of size 0 [-Werror=stringop-overread] … arch/s390/kernel/setup.c:526:9: note: in expansion of macro ‘memcpy’ 526 | memcpy(abs_lc->cregs_save_area S390_lowcore.cregs_save_area | ^~~~~~

This could be addressed by using absolute_pointer() with the S390_lowcore macro but this is not a good idea since this generates worse code for performance critical paths.

Therefore simply use a for loop to copy the array in question and get rid of the warning.

Reference

https://git.kernel.org/stable/c/1fc24f9da259b675c3cc74ad5aa92dac286543b3 https://git.kernel.org/stable/c/41e1992665a2701fa025a8b76970c43b4148446f

Share on: