Lucene search
LinuxVULNRICHMENT:CVE-2024-41083HistoryJul 29, 2024 - 3:47 p.m.
CVE-2024-41083 netfs: Fix netfs_page_mkwrite() to check folio->mapping is valid
2024-07-2915:47:59
Linux
github.com
3
linux kernel
netfs vulnerability
fix netfs_page_mkwrite
folio->mapping is valid
oopses
null pointer dereference
kernel mode
page fault
trace_event_raw_event_netfs_folio
invalidate_inode_pages2_range
In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix netfs_page_mkwrite() to check folio->mapping is valid
Fix netfs_page_mkwrite() to check that folio->mapping is valid once it has
taken the folio lock (as filemap_page_mkwrite() does). Without this,
generic/247 occasionally oopses with something like the following:
BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
RIP: 0010:trace_event_raw_event_netfs_folio+0x61/0xc0
...
Call Trace:
<TASK>
? __die_body+0x1a/0x60
? page_fault_oops+0x6e/0xa0
? exc_page_fault+0xc2/0xe0
? asm_exc_page_fault+0x22/0x30
? trace_event_raw_event_netfs_folio+0x61/0xc0
trace_netfs_folio+0x39/0x40
netfs_page_mkwrite+0x14c/0x1d0
do_page_mkwrite+0x50/0x90
do_pte_missing+0x184/0x200
__handle_mm_fault+0x42d/0x500
handle_mm_fault+0x121/0x1f0
do_user_addr_fault+0x23e/0x3c0
exc_page_fault+0xc2/0xe0
asm_exc_page_fault+0x22/0x30
This is due to the invalidate_inode_pages2_range() issued at the end of the
DIO write interfering with the mmap’d writes.
Related
cvelist
cvelist
debiancve
debiancve
CVE-2024-41083
2024-07-29 16:15:03
nvd
nvd
CVE-2024-41083
2024-07-29 16:15:03
redhatcve
redhatcve
CVE-2024-41083
2024-07-31 09:15:37
osv
osv
CVE-2024-41083
2024-07-29 16:15:03
cve
cve
CVE-2024-41083
2024-07-29 16:15:03
AI Score
6.6
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-41083