14 matches found
CVE-2024-49873
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemapgetfolioscontig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfdpinfolios with hugetlb pages and THP. The hugetlb bugs only bite when the page is not yet...
CVE-2024-49964
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix memfdpinfolios freehugepages leak memfdpinfolios followed by unpinfolios fails to restore freehugepages if the pages were not already faulted in, because the folio refcount for pages created by memfdallocfolio nev...
CVE-2024-49872
In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix memfdpinfolios alloc race panic If memfdpinfolios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here: folio = memfdallocfoliomemfd, startidx; if ISERRfolio ret =...
CVE-2024-49964
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix memfdpinfolios freehugepages leak memfdpinfolios followed by unpinfolios fails to restore freehugepages if the pages were not already faulted in, because the folio refcount for pages created by memfdallocfolio nev...
CVE-2024-49872
In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix memfdpinfolios alloc race panic If memfdpinfolios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here: folio = memfdallocfoliomemfd, startidx; if ISERRfolio ret =...
CVE-2024-49964 mm/hugetlb: fix memfd_pin_folios free_huge_pages leak
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix memfdpinfolios freehugepages leak memfdpinfolios followed by unpinfolios fails to restore freehugepages if the pages were not already faulted in, because the folio refcount for pages created by memfdallocfolio nev...
CVE-2024-49964 mm/hugetlb: fix memfd_pin_folios free_huge_pages leak
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix memfdpinfolios freehugepages leak memfdpinfolios followed by unpinfolios fails to restore freehugepages if the pages were not already faulted in, because the folio refcount for pages created by memfdallocfolio nev...
CVE-2024-49964
The CVE-2024-49964 issue affects the Linux kernel’s hugetlb path: memfd_pin_folios + unpin_folios could fail to restore free_huge_pages for pages not faulted in due to folio refcounts not reaching zero. The root cause was that folio_ref_unfreeze/folio_try_get/hugetlb_add_to_page_cache interaction...
CVE-2024-49873 mm/filemap: fix filemap_get_folios_contig THP panic
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemapgetfolioscontig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfdpinfolios with hugetlb pages and THP. The hugetlb bugs only bite when the page is not yet...
CVE-2024-49873 mm/filemap: fix filemap_get_folios_contig THP panic
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemapgetfolioscontig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfdpinfolios with hugetlb pages and THP. The hugetlb bugs only bite when the page is not yet...
CVE-2024-49873 mm/filemap: fix filemap_get_folios_contig THP panic
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemapgetfolioscontig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfdpinfolios with hugetlb pages and THP. The hugetlb bugs only bite when the page is not yet...
CVE-2024-49873
CVE-2024-49873 : In the Linux kernel, memfd_pin_folios with THP-backed memory may panic or cause a NULL-pointer dereference when the requested start offset is not aligned to a huge page boundary. The issue arises because filemap_get_folios_contig could load a folio that is a sibling and then fail...
CVE-2024-49872 mm/gup: fix memfd_pin_folios alloc race panic
In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix memfdpinfolios alloc race panic If memfdpinfolios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here: folio = memfdallocfoliomemfd, startidx; if ISERRfolio ret =...
CVE-2024-49872
The CVE-2024-49872 issue affects the Linux kernel in mm/gup where memfd_pin_folios can race when creating a hugetlb folio and another actor has already done so, leading to a -EEXIST and a panicking folio_put call if the same folio is used in the next loop iteration. The patch fixes the race by cl...