CVE: CVE-2022-49077

Descrizione: In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) If an mremap() syscall with old_size=0 ends up in move_page_tables(), it will call invalidate_range_start()/invalidate_range_end() unnecessarily, i.e. with an empty range. This causes a WARN in KVM’s mmu_notifier. In the past, empty ranges have been diagnosed to be off-by-one bugs, hence the WARNing. Given the low (so far) number of unique reports, the benefits of detecting more buggy callers seem to outweigh the cost of having to fix cases such as this one, where userspace is doing something silly. In this particular case, an early return from move_page_tables() is enough to fix the issue.

Vettore di attacco

Riferimenti esterni

• https://git.kernel.org/stable/c/a05540f3903bd8295e8c4cd90dd3d416239a115b
• https://git.kernel.org/stable/c/eeaf28e2a0128147d687237e59d5407ee1b14693
• https://git.kernel.org/stable/c/e2c328c2a8f9de8b761bd4025b66c63120c55761
• https://git.kernel.org/stable/c/c19d8de4e682ec4b0ea2b04a832cd8cc0be3bb31
• https://git.kernel.org/stable/c/7d659cb1763ff17d1c6ee082fa6feb4267c7a30b
• https://git.kernel.org/stable/c/a04cb99c5d4668fe3f5c0e5b6da1cecd34c3f219
• https://git.kernel.org/stable/c/2358aa84ef6dafcf544a557caaa6b91afb4a0bd2
• https://git.kernel.org/stable/c/04bc13dae4a27b8d030843c85ae452bb2f1d9c1f
• https://git.kernel.org/stable/c/01e67e04c28170c47700c2c226d732bbfedb1ad0

Prodotti interessati

• Linux – Linux
• Linux – Linux

Relazioni con altri prodotti

Produttore:Linux
Prodotto: Linux
Anno: 2022
CWE:
CVSS: 0.0

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2022)