summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2022-39188
blob: d6e5eb2031ae60bd6ef6da7f81e16b7bea6a0472 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

Description: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry
References:
 https://bugs.chromium.org/p/project-zero/issues/detail?id=2329
 https://lore.kernel.org/stable/CAG48ez3SEqOPcPCYGHVZv4iqEApujD5VtM3Re-tCKLDEFdEdbg@mail.gmail.com/
 https://lore.kernel.org/stable/CAG48ez2sDEaDpiHBQJcDqPtvpCYK1JjLD=Jp8rE9ODnFW-MbRg@mail.gmail.com/
 https://lore.kernel.org/stable/20220915142519.2941949-1-jannh@google.com/
Notes:
 carnil> For stable series an isolated backport is needed.
 carnil> Turns out that the original backport for stable series is botched, cf.
 carnil> https://lore.kernel.org/stable/CAG48ez2sDEaDpiHBQJcDqPtvpCYK1JjLD=Jp8rE9ODnFW-MbRg@mail.gmail.com/
Bugs:
upstream: released (5.19-rc8) [b67fbebd4cf980aecbcc750e1462128bffe8ae15]
5.10-upstream-stable: released (5.10.141) [895428ee124ad70b9763259308354877b725c31d], released (5.10.144) [891f03f688de8418f44b32b88f6b4faed5b2aa81]
4.19-upstream-stable: released (4.19.257) [c3b1e88f14e7f442e2ddcbec94527eec84ac0ca3], released (4.19.259) [56fa5f3dd44a05a5eacd75ae9d00c5415046d371]
sid: released (5.19.6-1)
5.10-bullseye-security: released (5.10.140-1) [bugfix/all/mm-force-tlb-flush-for-pfnmap-mappings-before-unlink_file_vma.patch], released (5.10.148-1)
4.19-buster-security: released (4.19.260-1)

© 2014-2024 Faster IT GmbH | imprint | privacy policy