[SRU B/D/E/F] CVE-2020-10757
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Wed Jun 10 20:51:52 UTC 2020
[Impact/Description]
User can control PTE value to read/write anywhere, when "mremap" a
hugepage mmaped DAX file to a mmaped anonymous memory region
[Test case]
Mounted a DAX filesystem with an emulated PMEM device and ran reproducer
as in oss-sec message.
https://www.openwall.com/lists/oss-security/2020/06/04/4
Tested on Bionic, Eoan and Focal kernels.
[Regression potential]
Could mostly break DAX, though the test case cover some of it.
More information about the kernel-team
mailing list