VYPR
Unrated severityNVD Advisory· Published Oct 21, 2024· Updated May 4, 2025

mm/gup: fix memfd_pin_folios alloc race panic

CVE-2024-49872

Description

In the Linux kernel, the following vulnerability has been resolved:

mm/gup: fix memfd_pin_folios alloc race panic

If memfd_pin_folios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here:

folio = memfd_alloc_folio(memfd, start_idx); if (IS_ERR(folio)) { ret = PTR_ERR(folio); if (ret != -EEXIST) goto err;

then on the next trip through the "while start_idx" loop we panic here:

if (folio) { folio_put(folio);

To fix, set the folio to NULL on error.

Affected products

12

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.