Draft: mm/sparsemem: fix race in accessing memory_section->usage (!3853) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Waiman Long requested to merge llong1/centos-stream-9:rhel-28877_sparsemem into main Mar 14, 2024

JIRA: https://issues.redhat.com/browse/RHEL-28877
CVE: CVE-2023-52489
MR: !3853 (closed)

v5.3 commit f46edbd1 ("mm/sparsemem: add helpers track active portions of a section at boot") that is being fixed is in RHEL9. The bug is serious as it can cause a NULL pointer deference leading to a kernel crash. However, it can only happen in some exotic memory configuration where PFN's are such that [ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL]. The fix commit mentions a Snapdragon SoC as a system with such a configuration. It may be GPU memory that is accessible as a zone device memory, though this type of hybrid SoCs is becoming more common these days. The fact that this bug was found and fixed 4 years later also mean this it is not a bug that is easy to hit. So I think it can be a moderate in severity at most.

Signed-off-by: Waiman Long longman@redhat.com

Edited Mar 14, 2024 by Waiman Long

Draft: mm/sparsemem: fix race in accessing memory_section->usage

Merge request reports