THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-27007

userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE

Reserved:2024-02-19
Published:2024-05-01
Updated:2024-05-13

Description

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE Commit d7a08838ab74 ("mm: userfaultfd: fix unexpected change to src_folio when UFFDIO_MOVE fails") moved the src_folio->{mapping, index} changing to after clearing the page-table and ensuring that it's not pinned. This avoids failure of swapout+migration and possibly memory corruption. However, the commit missed fixing it in the huge-page case.

Product status

Default status
unaffected

adef440691ba before df5f6e683e7f
affected

adef440691ba before c0205eaf3af9
affected

Default status
affected

6.8
affected

Any version before 6.8
unaffected

6.8.8
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/df5f6e683e7f21a15d8be6e7a0c7a46436963ebe

https://git.kernel.org/stable/c/c0205eaf3af9f5db14d4b5ee4abacf4a583c3c50

cve.org CVE-2024-27007

nvd.nist.gov CVE-2024-27007

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-27007