VYPR
Unrated severityNVD Advisory· Published Feb 26, 2025· Updated May 4, 2025

udmabuf: validate ubuf->pagecount

CVE-2021-47649

Description

In the Linux kernel, the following vulnerability has been resolved:

udmabuf: validate ubuf->pagecount

Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The problem was in ubuf->pages == ZERO_PTR.

ubuf->pagecount is calculated from arguments passed from user-space. If user creates udmabuf with list.size == 0 then ubuf->pagecount will be also equal to zero; it causes kmalloc_array() to return ZERO_PTR.

Fix it by validating ubuf->pagecount before passing it to kmalloc_array().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

85

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.