In the Linux kernel, the following vulnerability has been resolved:
x86/mm: Fix pti_clone_pgtable() alignment assumption
Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until the entry stack is exhausted and then
It turned out that pti_clone_pgtable() had alignment assumptions on the start address, notably it hard assumes start is PMD aligned. This is true on x86_64, but very much not true on i386.
These assumptions can cause the end condition to malfunction, leading to a 'short' clone. Guess what happens when the user mapping has a short copy of the entry text?
Use the correct increment form for addr to avoid alignment assumptions.
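The following is an added, stand-alone model of the mechanism described above; it is not the kernel's code. It simulates the PMD-level loop of a clone routine over a toy page table with a constructed 2 MiB PMD size and constructed addresses, and compares the two increment forms: `addr += PMD_SIZE`, which only works when `addr` started out PMD aligned, and `addr = round_up(addr + 1, PMD_SIZE)`, which always steps to the next PMD boundary (the form the upstream fix adopts, stated from knowledge of the commit rather than from this page). With an unaligned start, the first form overshoots `end` one iteration early and leaves the last PMD of the range uncloned, which is the 'short' clone the advisory refers to.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: 2 MiB PMD granularity (x86 PAE / x86_64 sizes). */
#define PMD_SHIFT 21
#define PMD_SIZE  (1UL << PMD_SHIFT)
#define NR_PMDS   64 /* size of the toy "user" page table */

/* Same semantics as the kernel's round_up() for a power-of-two alignment. */
#define round_up(x, a) (((x) + (a) - 1) & ~((a) - 1))

/* Toy stand-in for the user-visible page table: cloned[i] is set once PMD i was copied. */
struct user_pgtable {
    bool cloned[NR_PMDS];
};

/* Model of the loop body: clone the PMD that covers addr. */
static void clone_pmd_covering(struct user_pgtable *u, unsigned long addr)
{
    unsigned long idx = addr >> PMD_SHIFT;

    if (idx < NR_PMDS)
        u->cloned[idx] = true;
}

/*
 * Model of the PMD-level clone loop over [start, end).
 * fixed == false: the pre-fix increment, which assumes start is PMD aligned.
 * fixed == true : boundary-relative increment, correct for any start.
 */
static void clone_range(struct user_pgtable *u, unsigned long start,
                        unsigned long end, bool fixed)
{
    unsigned long addr = start;

    while (addr < end) {
        clone_pmd_covering(u, addr);
        if (fixed)
            addr = round_up(addr + 1, PMD_SIZE); /* advance to the next PMD boundary */
        else
            addr += PMD_SIZE;                    /* keeps whatever misalignment start had */
    }
}

/*
 * Returns how many PMDs overlapping [start, end) were NOT cloned.
 * 0 means the user mapping fully covers the range; anything else is a short clone.
 */
static int missing_pmds(unsigned long start, unsigned long end, bool fixed)
{
    struct user_pgtable u;
    int missing = 0;
    unsigned long idx;

    memset(&u, 0, sizeof(u));
    clone_range(&u, start, end, fixed);

    for (idx = start >> PMD_SHIFT; idx <= (end - 1) >> PMD_SHIFT; idx++)
        if (!u.cloned[idx])
            missing++;
    return missing;
}

int main(void)
{
    /* Constructed addresses: start is not PMD aligned (inside PMD 0), end lies inside PMD 2. */
    unsigned long start = 0x1ff000UL;
    unsigned long end   = 0x401000UL;

    printf("addr += PMD_SIZE             : %d PMD(s) missing\n", missing_pmds(start, end, false));
    printf("addr = round_up(addr+1, SIZE): %d PMD(s) missing\n", missing_pmds(start, end, true));
    return 0;
}
```

With an aligned start both forms behave identically, which is why the bug stayed hidden on x86_64 and only surfaced on i386, where the cloned start address is not PMD aligned.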