2 matches found
AZL-67605 CVE-2024-53219 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...
CVE-2024-53219
CVE-2024-53219 affects the Linux kernel virtiofs direct IO path when inserting a large module (e.g., 10 MB) with virtio-fs cache disabled. The root cause is a kernel memory allocation/IO path: kernel_read_file reads the module into a 10 MB vmalloc buffer, fuse_direct_io passes a 10 MB block as a ...