Assigner | Linux |
Reserved | 2024-02-29 |
Published | 2024-03-04 |
Updated | 2024-06-04 |
Description
In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix incorrect page free bug Pointer to the allocated pages (struct page *page) has already progressed towards the end of allocation. It is incorrect to perform __free_pages(page, order) using this pointer as we would free any arbitrary pages. Fix this by stop modifying the page pointer.
Product status
3c712f14d8a9 before 806142c805ca
1340dc3fb75e before ad338d825e3f
ec185dd3ab25 before 91e94e42f6fc
ec185dd3ab25 before 18549bf4b21c
5.14
Any version before 5.14
5.4.169
5.10.89
5.15.12
5.16
References
https://git.kernel.org/stable/c/806142c805cacd098e61bdc0f72c778a2389fe4a
https://git.kernel.org/stable/c/ad338d825e3f7b96ee542bf313728af2d19fe9ad
https://git.kernel.org/stable/c/91e94e42f6fc49635f1a16d8ae3f79552bcfda29
https://git.kernel.org/stable/c/18549bf4b21c739a9def39f27dcac53e27286ab5