Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:efi: stmm: Fix incorrect buffer allocation methodThe communication buffer allocated by setup_mm_hdr() is later on passedto tee_shm_register_kernel_buf(). The latter expects those buffers to becontiguous pages, but setup_mm_hdr() just uses kmalloc(). That can causevarious corruptions or BUGs, specifically since commit 9aec2fb0fd5e("slab: allocate frozen pages"), though it was broken before as well.Fix this by using alloc_pages_exact() instead of kmalloc().
No PoCs from references.
- https://github.com/w4zu/Debian_security