Bug 1224425 (CVE-2024-27406) - VUL-0: CVE-2024-27406: kernel: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU
Summary: VUL-0: CVE-2024-27406: kernel: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU
Status: RESOLVED INVALID
Alias: CVE-2024-27406
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/406302/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-05-17 14:31 UTC by SMASH SMASH
Modified: 2024-06-10 13:31 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-05-17 14:31:35 UTC 
In the Linux kernel, the following vulnerability has been resolved:

lib/Kconfig.debug: TEST_IOV_ITER depends on MMU

Trying to run the iov_iter unit test on a nommu system such as the qemu
kc705-nommu emulation results in a crash.

    KTAP version 1
    # Subtest: iov_iter
    # module: kunit_iov_iter
    1..9
BUG: failure at mm/nommu.c:318/vmap()!
Kernel panic - not syncing: BUG!

The test calls vmap() directly, but vmap() is not supported on nommu
systems, causing the crash.  TEST_IOV_ITER therefore needs to depend on
MMU.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-27406
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-27406.mbox
https://git.kernel.org/stable/c/e6316749d603fe9c4c91f6ec3694e06e4de632a3
https://git.kernel.org/stable/c/9e6e541b97762d5b1143070067f7c68f39a408f8
https://git.kernel.org/stable/c/1eb1e984379e2da04361763f66eec90dd75cf63e
https://www.cve.org/CVERecord?id=CVE-2024-27406
Comment 2 Gabriele Sonnu 2024-06-10 12:42:04 UTC 
All done, closing.