Kernel-Level Denial of Service (DoS) Vulnerability in set_pte_at()

[ybdesire]

Description

The set_pte_at() function directly invokes panic() and enters an infinite loop, causing the kernel to crash. As a critical interface for memory management, this function is called by multiple kernel modules (e.g., page table operations, memory mapping). When triggered, the system immediately halts and enters an unrecoverable state, resulting in a complete denial of service.

The latest code also impacted by this issue:
https://github.com/HobbesOSR/kitten/blob/master/include/arch-arm64/pgtable.h#L189

And it was impacted from the old versoin:

kitten/include/arch-arm64/pgtable.h

Line 173 in 7b6f5d6

static inline void set_pte_at(struct mm_struct *mm, unsigned long addr,

Vulnerability Type: Denial of Service (DoS)

Severity: High

CWE ID: CWE-400: Uncontrolled Resource Consumption

Exploit

Trigger Conditions:
Any operation that indirectly invokes set_pte_at() through normal system calls or kernel modules.