Bugzilla – Full Text Bug Listing
| Summary: | VUL-0: CVE-2024-1312: kernel-source,kernel-source-azure,kernel-source-rt: Race condition leads to use after free during VMA lock in lock_vma_under_rcu | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | SMASH SMASH <smash_bz> |
| Component: | Incidents | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | mhocko, thomas.leroy |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/393351/ | ||
| Whiteboard: | CVSSv3.1:SUSE:CVE-2024-1312:7.0:(AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | | Blocker: | --- |
| Marketing QA Status: | --- | IT Deployment: | --- |
Description
SMASH SMASH
2024-02-08 10:50:05 UTC
Is this 657b5146955e ("mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock")?
(In reply to Michal Hocko from comment #3)
> Is this 657b5146955e ("mm: lock_vma_under_rcu() must check vma->anon_vma
> under vma lock")?

Yes, it looks like it. Debian also tracks this commit as the fix. SLE15-SP6 and stable seem to have both the buggy and the fixing commit. So I would say only a changelog update is needed.

(In reply to Michal Hocko from comment #3)
> Is this 657b5146955e ("mm: lock_vma_under_rcu() must check vma->anon_vma
> under vma lock")?

It's almost certain, wonder why they can't just include that information. Based on the fixed versions 6.5-rc4 and 6.4.10 stable, and the wording it matches. See https://kernel.dance/#657b5146955e

In that case this only applies to SP6 and we have the fix already, so I'll just add the CVE reference.

All done, closing.