Information security expert company: cybersecurity audits and consulting
French cybersecurity company since 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2025-38364

Description

In the Linux kernel, the following vulnerability has been resolved:

maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate()

Temporarily clear the preallocation flag when explicitly requesting allocations. Pre-existing allocations are already counted against the request through mas_node_count_gfp(), but the allocations will not happen if the MA_STATE_PREALLOC flag is set. This flag is meant to avoid re-allocating in bulk allocation mode, and to detect issues with preallocation calculations.

The MA_STATE_PREALLOC flag should also always be set on zero allocations so that detection of underflow allocations will print a WARN_ON() during consumption.

The user-visible effect of this flaw is a WARN_ON() followed by a null pointer dereference when subsequent requests for a larger number of nodes are ignored, such as the vma merge retry in mmap_region() caused by drivers altering the vma flags (which happens in v6.6, at least).

POC

Reference

No PoCs from references.

GitHub

- https://github.com/w4zu/Debian_security