In the Linux kernel, the following vulnerability has been resolved:
lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure
The kcalloc() in dmirror_device_evict_chunk() will return null if the
physical memory has run out. As a result, if src_pfns or dst_pfns is
dereferenced, the null pointer dereference bug will happen.
Moreover, the device is going away. If the kcalloc() fails, the pages
mapping a chunk could not be evicted. So add a __GFP_NOFAIL flag in
kcalloc().
Finally, as there is no need to have physically contiguous memory, Switch
kcalloc() to kvcalloc() in order to avoid failing allocations.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 09:26
Type | Values Removed | Values Added |
---|---|---|
References | () https://git.kernel.org/stable/c/1a21fdeea502658e315bd939409b755974f4fb64 - Patch | |
References | () https://git.kernel.org/stable/c/3b20d18f475bd17309db640dbe7d7c7ebb5bc2bc - Patch | |
References | () https://git.kernel.org/stable/c/65e528a69cb3ed4a286c45b4afba57461c8b5b33 - Patch | |
References | () https://git.kernel.org/stable/c/c2af060d1c18beaec56351cf9c9bcbbc5af341a3 - Patch | |
References | () https://git.kernel.org/stable/c/ce47e8ead9a72834cc68431d53f8092ce69bebb7 - Patch |
29 Aug 2024, 02:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
References | () https://git.kernel.org/stable/c/1a21fdeea502658e315bd939409b755974f4fb64 - Patch | |
References | () https://git.kernel.org/stable/c/3b20d18f475bd17309db640dbe7d7c7ebb5bc2bc - Patch | |
References | () https://git.kernel.org/stable/c/65e528a69cb3ed4a286c45b4afba57461c8b5b33 - Patch | |
References | () https://git.kernel.org/stable/c/c2af060d1c18beaec56351cf9c9bcbbc5af341a3 - Patch | |
References | () https://git.kernel.org/stable/c/ce47e8ead9a72834cc68431d53f8092ce69bebb7 - Patch | |
CWE | CWE-476 | |
First Time |
Linux
Linux linux Kernel |
20 Jun 2024, 12:44
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
19 Jun 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-19 14:15
Updated : 2024-11-21 09:26
NVD link : CVE-2024-38543
Mitre link : CVE-2024-38543
CVE.ORG link : CVE-2024-38543
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-476
NULL Pointer Dereference