In the Linux kernel, the following vulnerability has been resolved: ARM:
9359/1: flush: check if the folio is reserved for no-mapping addresses
Since commit a4d5613c4dc6 (βarm: extend pfn_valid to take into account
freed memory map alignmentβ) changes the semantics of pfn_valid() to check
presence of the memory map for a PFN. A valid page for an address which is
reserved but not mapped by the kernel[1], the system crashed during some
uio test with the following memory layout: node 0: [mem
0x00000000c0a00000-0x00000000cc8fffff] node 0: [mem
0x00000000d0000000-0x00000000da1fffff] the uio layout isοΌ0xc0900000,
0x100000 the crash backtrace like: Unable to handle kernel paging request
at virtual address bff00000 [β¦] CPU: 1 PID: 465 Comm: startapp.bin
Tainted: G O 5.10.0 #1 Hardware name: Generic DT based system PC is at
b15_flush_kern_dcache_area+0x24/0x3c LR is at
__sync_icache_dcache+0x6c/0x98 [β¦] (b15_flush_kern_dcache_area) from
(__sync_icache_dcache+0x6c/0x98) (__sync_icache_dcache) from
(set_pte_at+0x28/0x54) (set_pte_at) from (remap_pfn_range+0x1a0/0x274)
(remap_pfn_range) from (uio_mmap+0x184/0x1b8 [uio]) (uio_mmap [uio]) from
(__mmap_region+0x264/0x5f4) (__mmap_region) from (__do_mmap_mm+0x3ec/0x440)
(__do_mmap_mm) from (do_mmap+0x50/0x58) (do_mmap) from
(vm_mmap_pgoff+0xfc/0x188) (vm_mmap_pgoff) from (ksys_mmap_pgoff+0xac/0xc4)
(ksys_mmap_pgoff) from (ret_fast_syscall+0x0/0x5c) Code: e0801001 e2423001
e1c00003 f57ff04f (ee070f3e) β[ end trace 09cf0734c3805d52 ]β Kernel
panic - not syncing: Fatal exception So check if PG_reserved was set to
solve this issue. [1]:
https://lore.kernel.org/lkml/[email protected]/
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | <Β any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | <Β any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | <Β 6.8.0-35.35 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | <Β any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | <Β any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | <Β 6.8.0-1009.9 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | <Β any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | <Β any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | <Β any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | <Β any | UNKNOWN |
git.kernel.org/linus/0c66c6f4e21cb22220cbd8821c5c73fc157d20dc (6.9-rc1)
git.kernel.org/stable/c/0c027c2bad7f5111c51a358b5d392e1a695dabff
git.kernel.org/stable/c/0c66c6f4e21cb22220cbd8821c5c73fc157d20dc
git.kernel.org/stable/c/9f7ddc222cae8254e93d5c169a8ae11a49d912a7
git.kernel.org/stable/c/fb3a122a978626b33de3367ee1762da934c0f512
launchpad.net/bugs/cve/CVE-2024-26947
nvd.nist.gov/vuln/detail/CVE-2024-26947
security-tracker.debian.org/tracker/CVE-2024-26947
ubuntu.com/security/notices/USN-6816-1
ubuntu.com/security/notices/USN-6817-1
ubuntu.com/security/notices/USN-6817-2
ubuntu.com/security/notices/USN-6817-3
ubuntu.com/security/notices/USN-6878-1
www.cve.org/CVERecord?id=CVE-2024-26947