APPLIED: [SRU][J][PATCH 0/1] CVE-2024-53097
Roxana Nicolescu
roxana.nicolescu at canonical.com
Thu Dec 19 10:13:29 UTC 2024
On 06/12/2024 22:05, Bethany Jamison wrote:
> [Impact]
>
> mm: krealloc: Fix MTE false alarm in __do_krealloc
>
> This patch addresses an issue introduced by commit 1a83a71 ("mm:
> krealloc: consider spare memory for __GFP_ZERO") which causes MTE
> (Memory Tagging Extension) to falsely report a slab-out-of-bounds error.
>
> The problem occurs when zeroing out spare memory in __do_krealloc. The
> original code only considered software-based KASAN and did not account
> for MTE. It does not reset the KASAN tag before calling memset, leading
> to a mismatch between the pointer tag and the memory tag, resulting
> in a false positive.
>
> [Fix]
>
> Oracular: not-affected
> Jammy: Clean cherry-pick from linux-5.15.y
> Focal: not-affected
> Bionic: not-affected
> Xenial: not-affected
> Trusty: not-affected
>
> [Test Case]
>
> Compile tested.
>
> [Where problems could occur]
>
> This fix affects those who use slab allocator functions that are
> independent of the allocator strategy. An issue with this fix would be
> visible to the user via inaccurate slab-out-of-bounds errors.
>
> Qun-Wei Lin (1):
> mm: krealloc: Fix MTE false alarm in __do_krealloc
>
> mm/slab_common.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
Applied to jammy:linux master-next branch. Thanks!
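
The tag mismatch described in the quoted [Impact] text, as an added example that is not part of the original message or of the kernel patch: a toy userspace model of per-granule tag checking, in which zeroing spare memory through a tagged pointer faults and the same write through a tag-reset pointer succeeds. All names (`toy_ptr`, `checked_memset`, `zero_spare`, `demo`) are hypothetical, and the tag values and the match-all behaviour of a reset pointer are modelling assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define GRANULE       16    /* MTE tags memory per 16-byte granule */
#define TAG_MATCH_ALL 0xFF  /* modelled: tag carried by a reset pointer */
#define TAG_INVALID   0xFE  /* modelled: tag on poisoned spare memory */

struct toy_ptr { uint8_t tag; size_t off; };  /* hypothetical tagged pointer */

static uint8_t arena[64];                         /* constructed sample heap */
static uint8_t mem_tag[sizeof(arena) / GRANULE];  /* one tag per granule */

/* Tag a granule-aligned range [off, off + len). */
static void set_tag(size_t off, size_t len, uint8_t tag)
{
    for (size_t g = off / GRANULE; g < (off + len) / GRANULE; g++)
        mem_tag[g] = tag;
}

/* memset that checks pointer tag against memory tag; -1 models a tag fault. */
static int checked_memset(struct toy_ptr p, size_t start, int c, size_t len)
{
    for (size_t i = p.off + start; i < p.off + start + len; i++)
        if (p.tag != TAG_MATCH_ALL && p.tag != mem_tag[i / GRANULE])
            return -1;
    memset(arena + p.off + start, c, len);
    return 0;
}

/* Zero the spare bytes between used and capacity, with or without tag reset. */
static int zero_spare(struct toy_ptr p, size_t used, size_t capacity, int reset)
{
    if (reset)
        p.tag = TAG_MATCH_ALL;  /* models resetting the tag before memset */
    return checked_memset(p, used, 0, capacity - used);
}

int demo(int reset)
{
    struct toy_ptr p = { .tag = 0x3, .off = 0 };
    set_tag(0, 16, 0x3);           /* live bytes carry the pointer's tag */
    set_tag(16, 32, TAG_INVALID);  /* spare bytes carry a different tag */
    return zero_spare(p, 16, 48, reset);
}

int main(void)
{
    /* Tagged pointer faults on the spare bytes; reset pointer does not. */
    return (demo(0) == -1 && demo(1) == 0) ? 0 : 1;
}
```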