[SRU Focal 0/2] CVE-2021-4002
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Nov 26 02:11:20 UTC 2021
https://www.openwall.com/lists/oss-security/2021/11/25/1
[Impact]
Missing TLB flush on hugetlb unmapping may allow a different process to
access another process's memory, as long as it is using hugetlb mappings.
[Test case]
POC from the link above was used to test it on amd64 and ppc64el (Power9).
Build tested on other architectures too. Will test on them as time allows.
[Potential regression]
hugetlb users may regress.
[Notice]
4.15 backport is in progress and will be tested on other architectures
as well.
Nadav Amit (1):
  hugetlbfs: flush TLBs correctly after huge_pmd_unshare
Peter Zijlstra (Intel) (1):
  tlb: mmu_gather: add tlb_flush_*_range APIs
 include/asm-generic/tlb.h | 55 ++++++++++++++++++++++++++++-----------
 mm/hugetlb.c              | 23 +++++++++++++---
 2 files changed, 59 insertions(+), 19 deletions(-)
--
2.32.0