In the Linux kernel, the following vulnerability has been resolved:
comedi: Flush partial mappings in error case
If some remap_pfn_range() calls succeeded before one failed, we still have
buffer pages mapped into the userspace page tables when we drop the buffer
reference with comedi_buf_map_put(bm). The userspace mappings are only
cleaned up later in the mmap error path.
Fix it by explicitly flushing all mappings in our VMA on the error path.
See commit 79a61cc3fc04 ("mm: avoid leaving partial pfn mappings around in
error case").
Metrics
Affected Vendors & Products
References
History
Tue, 24 Dec 2024 11:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: comedi: Flush partial mappings in error case If some remap_pfn_range() calls succeeded before one failed, we still have buffer pages mapped into the userspace page tables when we drop the buffer reference with comedi_buf_map_put(bm). The userspace mappings are only cleaned up later in the mmap error path. Fix it by explicitly flushing all mappings in our VMA on the error path. See commit 79a61cc3fc04 ("mm: avoid leaving partial pfn mappings around in error case"). | |
Title | comedi: Flush partial mappings in error case | |
References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-12-24T11:28:48.619Z
Updated: 2024-12-24T11:28:48.619Z
Reserved: 2024-11-19T17:17:24.998Z
Link: CVE-2024-53148
Vulnrichment
No data.
NVD
Status : Received
Published: 2024-12-24T12:15:22.887
Modified: 2024-12-24T12:15:22.887
Link: CVE-2024-53148
Redhat
No data.