5.5

CVE-2024-26943

nouveau/dmem: handle kcalloc() allocation failure

In the Linux kernel, the following vulnerability has been resolved:

nouveau/dmem: handle kcalloc() allocation failure

The kcalloc() in nouveau_dmem_evict_chunk() will return null if
the physical memory has run out. As a result, if we dereference
src_pfns, dst_pfns or dma_addrs, the null pointer dereference bugs
will happen.

Moreover, the GPU is going away. If the kcalloc() fails, we could not
evict all pages mapping a chunk. So this patch adds a __GFP_NOFAIL
flag in kcalloc().

Finally, as there is no need to have physically contiguous memory,
this patch switches kcalloc() to kvcalloc() in order to avoid
failing allocations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.1 < 6.1.84
LinuxLinux Kernel Version >= 6.2 < 6.6.24
LinuxLinux Kernel Version >= 6.7 < 6.7.12
LinuxLinux Kernel Version >= 6.8 < 6.8.3
LinuxLinux Kernel Version6.9 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.129
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/16e87fe23d4af6df920406494ced5c0f4354567b
Patch
Mailing List
https://git.kernel.org/stable/c/2a84744a037b8a511d6a9055f3defddc28ff4a4d
Patch
Mailing List
https://git.kernel.org/stable/c/3e82f7383e0b82a835e6b6b06a348b2bc4e2c2ee
Patch
Mailing List
https://git.kernel.org/stable/c/5e81773757a95fc298e96cfd6d4700f07b6192a2
Patch
Mailing List
https://git.kernel.org/stable/c/9acfd8b083a0ffbd387566800d89f55058a68af2
Patch
Mailing List