In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway
Syzbot reports a UAF in hugetlb_fault(). This happens because
vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA
to be freed before hugetlb_vma_unlock_read() is called.
We can fix this by using a modified version of vmf_anon_prepare() that
doesn't release the VMA lock on failure, and then release it ourselves
after hugetlb_vma_unlock_read().
References
Configurations
Configuration 1 (hide)
|
History
22 Oct 2024, 16:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CWE | CWE-416 | |
First Time |
Linux linux Kernel
Linux |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | () https://git.kernel.org/stable/c/98b74bb4d7e96b4da5ef3126511febe55b76b807 - Patch | |
References | () https://git.kernel.org/stable/c/d59ebc99dee0a2687a26df94b901eb8216dbf876 - Patch | |
References | () https://git.kernel.org/stable/c/e897d184a8dd4a4e1f39c8c495598e4d9472776c - Patch |
21 Oct 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-21 12:15
Updated : 2024-10-22 16:12
NVD link : CVE-2024-47676
Mitre link : CVE-2024-47676
CVE.ORG link : CVE-2024-47676
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free