Impact
The vulnerability causes the ARM Linux kernel to perform a word load from a byte‑granular KASAN shadow area while switching contexts. On ARMv5 CPUs, unaligned word loads fault, leading to an alignment exception that crashes the system before it finishes booting. Based on the description, it is inferred that this flaw results in a kernel crash and interrupts system start‑up, but no remote code execution or data leakage is reported.
Affected Systems
The flaw affects the Linux kernel on ARMv5 architectures (for example, ARM926/VersatilePB) that have CONFIG_KASAN_VMALLOC and CONFIG_VMAP_STACK enabled. The vulnerability was introduced by commit 44e9a3bb76e5, and no specific kernel version range is given; any kernel incorporating that commit or older is potentially susceptible.
Risk and Exploitability
Based on the description, it is inferred that the attack vector is local and requires an attacker to influence the boot process or load a module so that the context switch triggers the fault. The EPSS score is not available and the vulnerability is not listed in CISA KEV, indicating that exploitation is unlikely to be widespread. Nonetheless, the flaw is a local denial‑of‑service vulnerability that can partition or halt the affected system prior to normal operation.
OpenCVE Enrichment