Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-42241— mm/shmem: disable PMD-sized page cache if needed

EPSS 0.03% · P10
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-42241

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
mm/shmem: disable PMD-sized page cache if needed
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB can't be supported by xarray. It leads to errors as the following messages indicate when this sort of xarray entry is split. WARNING: CPU: 34 PID: 7578 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128 Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 \ nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject \ nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \ ip_set rfkill nf_tables nfnetlink vfat fat virtio_balloon drm fuse xfs \ libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 sha1_ce virtio_net \ net_failover virtio_console virtio_blk failover dimlib virtio_mmio CPU: 34 PID: 7578 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #9 Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024 pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) pc : xas_split_alloc+0xf8/0x128 lr : split_huge_page_to_list_to_order+0x1c4/0x720 sp : ffff8000882af5f0 x29: ffff8000882af5f0 x28: ffff8000882af650 x27: ffff8000882af768 x26: 0000000000000cc0 x25: 000000000000000d x24: ffff00010625b858 x23: ffff8000882af650 x22: ffffffdfc0900000 x21: 0000000000000000 x20: 0000000000000000 x19: ffffffdfc0900000 x18: 0000000000000000 x17: 0000000000000000 x16: 0000018000000000 x15: 52f8004000000000 x14: 0000e00000000000 x13: 0000000000002000 x12: 0000000000000020 x11: 52f8000000000000 x10: 52f8e1c0ffff6000 x9 : ffffbeb9619a681c x8 : 0000000000000003 x7 : 0000000000000000 x6 : ffff00010b02ddb0 x5 : ffffbeb96395e378 x4 : 0000000000000000 x3 : 0000000000000cc0 x2 : 000000000000000d x1 : 000000000000000c x0 : 0000000000000000 Call trace: xas_split_alloc+0xf8/0x128 split_huge_page_to_list_to_order+0x1c4/0x720 truncate_inode_partial_folio+0xdc/0x160 shmem_undo_range+0x2bc/0x6a8 shmem_fallocate+0x134/0x430 vfs_fallocate+0x124/0x2e8 ksys_fallocate+0x4c/0xa0 __arm64_sys_fallocate+0x24/0x38 invoke_syscall.constprop.0+0x7c/0xd8 do_el0_svc+0xb4/0xd0 el0_svc+0x44/0x1d8 el0t_64_sync_handler+0x134/0x150 el0t_64_sync+0x17c/0x180 Fix it by disabling PMD-sized page cache when HPAGE_PMD_ORDER is larger than MAX_PAGECACHE_ORDER. As Matthew Wilcox pointed, the page cache in a shmem file isn't represented by a multi-index entry and doesn't have this limitation when the xarry entry is split until commit 6b24ca4a1a8d ("mm: Use multi-index entries in the page cache").
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于 mm/shmem 模块的PMD大小的页面缓存可能不被xarray支持,需要在必要时禁用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 6b24ca4a1a8d4ee3221d6d44ddbb99f542e4bda3 ~ 93893eacb372b0a4a30f7de6609b08c3ba6c4fd9 -
LinuxLinux 5.17 -

II. Public POCs for CVE-2024-42241

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-42241

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-08-07 · 19 CVEs total

CVE-2024-42240x86/bhi: Avoid warning in #DB handler due to BHI mitigation
CVE-2024-42232libceph: fix race between delayed_work() and ceph_monc_stop()
CVE-2024-42234mm: fix crashes from deferred split racing folio migration
CVE-2024-42233filemap: replace pte_offset_map() with pte_offset_map_nolock()
CVE-2024-42235s390/mm: Add NULL pointer check to crst_table_free() base_crst_free()
CVE-2024-42236usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
CVE-2024-42237firmware: cs_dsp: Validate payload length before processing block
CVE-2024-42238firmware: cs_dsp: Return error if block header overflows file
CVE-2024-42239bpf: Fail bpf_timer_cancel when callback is being cancelled
CVE-2024-42250cachefiles: add missing lock protection when polling
CVE-2024-42242mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE
CVE-2024-42244USB: serial: mos7840: fix crash on resume
CVE-2024-42243mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
CVE-2024-42245Revert "sched/fair: Make sure to try to detach at least one movable task"
CVE-2024-42246net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket
CVE-2024-42247wireguard: allowedips: avoid unaligned 64-bit memory accesses
CVE-2024-42249spi: don't unoptimize message in spi_async()
CVE-2024-42248tty: serial: ma35d1: Add a NULL check for of_node

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2024-42241

No comments yet

Leave a comment