In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlb_lock for resv uncharge There is a recent report on UFFDIO_COPY over hugetlb: https://lore.kernel.org/all/[email protected]/ 350: lockdep_assert_held(&hugetlb_lock); Should be an issue in hugetlb but triggered in an userfault context, where it goes into the unlikely path where two threads modifying the resv map together. Mike has a fix in that path for resv uncharge but it looks like the locking criteria was overlooked: hugetlb_cgroup_uncharge_folio_rsvd() will update the cgroup pointer, so it requires to be called with the lock held.
History

Wed, 11 Sep 2024 10:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9

Mon, 26 Aug 2024 06:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_eus:9.2
cpe:/a:redhat:rhel_eus:9.2::nfv

Tue, 13 Aug 2024 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/o:redhat:rhel_eus:8.8
Vendors & Products Redhat rhel Eus

Thu, 08 Aug 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:8::nfv
cpe:/o:redhat:enterprise_linux:8
Vendors & Products Redhat enterprise Linux

Wed, 07 Aug 2024 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Tus
CPEs cpe:/o:redhat:rhel_aus:8.6
cpe:/o:redhat:rhel_e4s:8.6
cpe:/o:redhat:rhel_tus:8.6
Vendors & Products Redhat
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Tus

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-20T09:48:02.318Z

Updated: 2024-12-19T08:59:58.281Z

Reserved: 2024-05-17T13:50:33.149Z

Link: CVE-2024-36000

cve-icon Vulnrichment

Updated: 2024-08-02T03:30:12.529Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-20T10:15:14.163

Modified: 2024-11-21T09:21:24.170

Link: CVE-2024-36000

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-05-20T00:00:00Z

Links: CVE-2024-36000 - Bugzilla