Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:lib/test_hmm.c: handle src_pfns and dst_pfns allocation failureThe kcalloc() in dmirror_device_evict_chunk() will return null if thephysical memory has run out. As a result, if src_pfns or dst_pfns isdereferenced, the null pointer dereference bug will happen.Moreover, the device is going away. If the kcalloc() fails, the pagesmapping a chunk could not be evicted. So add a __GFP_NOFAIL flag inkcalloc().Finally, as there is no need to have physically contiguous memory, Switchkcalloc() to kvcalloc() in order to avoid failing allocations.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds