CVE-2024-53107

fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args()

Description

In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the start of the function. The "arg->vec_len * sizeof(struct page_region))" multiplication can lead to integer wrapping. Use size_mul() to avoid that. Also the size_add/mul() functions work on unsigned long so for 32bit systems we need to ensure that "arg->vec_len" fits in an unsigned long.

References

Link	Tags
https://git.kernel.org/stable/c/adee03f8903c58a6a559f21388a430211fac8ce9	patch
https://git.kernel.org/stable/c/669b0cb81e4e4e78cff77a5b367c7f70c0c6c05e	patch

Frequently Asked Questions

What is the severity of CVE-2024-53107?: CVE-2024-53107 has been scored as a medium severity vulnerability.
How to fix CVE-2024-53107?: To fix CVE-2024-53107, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-53107 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-53107 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-53107?: CVE-2024-53107 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-190 – Integer Overflow or Wraparound

References

Frequently Asked Questions