In the Linux kernel, the following vulnerability has been resolved:
mm/gup: fix memfd_pin_folios alloc race panic
If memfd_pin_folios tries to create a hugetlb page, but someone else
already did, then folio gets the value -EEXIST here:
folio = memfd_alloc_folio(memfd, start_idx);
if (IS_ERR(folio)) {
ret = PTR_ERR(folio);
if (ret != -EEXIST)
goto err;
then on the next trip through the "while start_idx" loop we panic here:
if (folio) {
folio_put(folio);
To fix, set the folio to NULL on error.
References
Configurations
History
13 Nov 2024, 14:26
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Linux |
|
CWE | CWE-362 | |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
References | () https://git.kernel.org/stable/c/ce645b9fdc78ec5d28067286e92871ddae6817d5 - Patch | |
References | () https://git.kernel.org/stable/c/e28f39b359c0cfdcc011603e51187085a5f1e5e3 - Patch |
23 Oct 2024, 15:13
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Oct 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-21 18:15
Updated : 2024-11-13 14:26
NVD link : CVE-2024-49872
Mitre link : CVE-2024-49872
CVE.ORG link : CVE-2024-49872
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')