In the Linux kernel, the following vulnerability has been resolved:

mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway

Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA to be freed before hugetlb_vma_unlock_read() is called.

We can fix this by using a modified version of vmf_anon_prepare() that doesn't release the VMA lock on failure, and then release it ourselves after hugetlb_vma_unlock_read().

No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds