ACK: [SRU][J][PATCH 0/1] CVE-2024-53097
Guoqing Jiang
guoqing.jiang at canonical.com
Thu Dec 19 06:52:17 UTC 2024
Acked-by: Guoqing Jiang <guoqing.jiang at canonical.com>
On 12/7/24 05:05, Bethany Jamison wrote:
> [Impact]
>
> mm: krealloc: Fix MTE false alarm in __do_krealloc
>
> This patch addresses an issue introduced by commit 1a83a71 ("mm:
> krealloc: consider spare memory for __GFP_ZERO") which causes MTE
> (Memory Tagging Extension) to falsely report a slab-out-of-bounds error.
>
> The problem occurs when zeroing out spare memory in __do_krealloc. The
> original code only considered software-based KASAN and did not account
> for MTE. It does not reset the KASAN tag before calling memset, leading
> to a mismatch between the pointer tag and the memory tag, resulting
> in a false positive.
>
> [Fix]
>
> Oracular: not-affected
> Jammy: Clean cherry-pick from linux-5.15.y
> Focal: not-affected
> Bionic: not-affected
> Xenial: not-affected
> Trusty: not-affected
>
> [Test Case]
>
> Compile tested.
>
> [Where problems could occur]
>
> This fix affects those who use slab allocator functions that are
> independent of the allocator strategy; an issue with this fix would be
> visible to the user via inaccurate slab-out-of-bounds errors.
>
> Qun-Wei Lin (1):
> mm: krealloc: Fix MTE false alarm in __do_krealloc
>
> mm/slab_common.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
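
The tag mismatch described in the [Impact] text above, as a simplified user-space model added here; it is not the kernel patch or code from this thread. The 16-byte granule, the tag values, the 64-byte bucket and all function names are assumptions of the model.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified user-space model of per-granule tag checks; not kernel code. */
#define GRANULE      16u   /* model: bytes covered by one memory tag */
#define TAG_MATCHALL 0xFu  /* model: pointer tag that skips the check */
#define TAG_INVALID  0xEu  /* model: tag placed on the spare tail */
#define BUCKET       64u   /* constructed slab bucket size */

static uint8_t mem[BUCKET];
static uint8_t mem_tag[BUCKET / GRANULE];
typedef struct { uint8_t tag; size_t off; } tagged_ptr; /* tag + offset into mem */

/* Model allocation: tag [0, size) with obj_tag and the spare tail as invalid. */
static tagged_ptr model_alloc(size_t size, uint8_t obj_tag)
{
    for (size_t g = 0; g < BUCKET / GRANULE; g++)
        mem_tag[g] = (g * GRANULE < size) ? obj_tag : TAG_INVALID;
    return (tagged_ptr){ obj_tag, 0 };
}

/* memset with a tag check per byte; 0 on success, -1 on pointer/memory mismatch. */
static int checked_memset(tagged_ptr p, int c, size_t n)
{
    for (size_t i = p.off; i < p.off + n; i++)
        if (p.tag != TAG_MATCHALL && mem_tag[i / GRANULE] != p.tag)
            return -1; /* what gets reported as slab-out-of-bounds */
    memset(mem + p.off, c, n);
    return 0;
}

/* Zero the spare tail [new_size, BUCKET), optionally resetting the pointer tag. */
static int zero_spare(tagged_ptr p, size_t new_size, int do_reset)
{
    tagged_ptr q = p;
    if (do_reset) q.tag = TAG_MATCHALL; /* the step the [Impact] text says was missing */
    q.off += new_size;
    return checked_memset(q, 0, BUCKET - new_size);
}

int main(void)
{
    tagged_ptr p = model_alloc(32, 0x3); /* constructed: 32-byte object, tag 0x3 */
    printf("without reset: %d, with reset: %d\n",
           zero_spare(p, 32, 0), zero_spare(p, 32, 1));
    return 0;
}
```

The write to the spare tail is inside the bucket in both calls; only the pointer tag decides whether the check fires, which is why the report is a false positive.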