CVE-2024-39477: mm/hugetlb: do not call vma_add_reservation upon ENOMEM
First published: Fri Jul 05 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: do not call vma_add_reservation upon ENOMEM sysbot reported a splat [1] on __unmap_hugepage_range(). This is because vma_needs_reservation() can return -ENOMEM if allocate_file_region_entries() fails to allocate the file_region struct for the reservation. Check for that and do not call vma_add_reservation() if that is the case, otherwise region_abort() and region_del() will see that we do not have any file_regions. If we detect that vma_needs_reservation() returned -ENOMEM, we clear the hugetlb_restore_reserve flag as if this reservation was still consumed, so free_huge_folio() will not increment the resv count. [1] https://lore.kernel.org/linux-mm/0000000000004096100617c58d54@google.com/T/#ma5983bc1ab18a54910da83416b3f89f3c7ee43aa
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | >=6.9<6.9.5 | |
| Linux Linux kernel | =6.10.0-rc1 | |
| Linux Linux kernel | =6.10.0-rc2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/softwarecombine
- agent/tags
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/6.9
- version/linux linux kernel/6.10.0-rc1
- version/linux linux kernel/6.10.0-rc2