CVE-2024-42243 Linux Kernel Vulnerability: mm/filemap: Make MAX_PAGECACHE_ORDER Acceptable to XArray

mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray

The patch series "mm/filemap: Limit page cache size to that supported by xarray", v2, fixed a vulnerability in the Linux kernel: xarray does not support an unlimited page cache size. More details can be found at the WARN_ON() statement in xas_split_alloc().

The issue had been reported a while ago, and some related discussion can be found at [1].

[1] https://www.spinics.net/lists/linux-xfs/msg75404.html

The code changes were suggested by David Hildenbrand and consisted of the following patches:

PATCH[1]: Adjusts MAX_PAGECACHE_ORDER to that supported by xarray.
PATCH[2-3]: Avoids PMD-sized page cache in the synchronous readahead path.
PATCH[4]: Avoids PMD-sized page cache for shmem files if needed.

A test program was used to demonstrate the vulnerability and verify the fix. The code for the test program can be found in the original post.

After applying the patches, the test program ran successfully without hitting the WARN_ON() statement on ARM64 systems, where the base page size is 64KB, and the huge page size is 512MB. This confirmed that the vulnerability had been addressed and resolved.
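
The order arithmetic behind PATCH[1] for the ARM64 configuration above, as an added example (not code from the patch series or the kernel tree). It is a user-space model that assumes XA_CHUNK_SHIFT is 6 and that the xarray limit is XA_CHUNK_SHIFT * 2 - 1, as MAX_XAS_ORDER is defined upstream; the function names and sample configurations are constructed here.

```c
/* Added example: user-space model of the order clamp, not kernel code. */
#include <stdio.h>

/* Assumption: XA_CHUNK_SHIFT is 6, its value when CONFIG_BASE_SMALL is off. */
#define XA_CHUNK_SHIFT 6
/* Largest order the xarray split path accepts (MAX_XAS_ORDER upstream). */
#define MAX_XAS_ORDER (XA_CHUNK_SHIFT * 2 - 1)

/* log2(huge / base): order of a PMD-sized folio; -1 on invalid sizes. */
static int pmd_order(unsigned long long base, unsigned long long huge)
{
    int order = 0;
    if (base == 0 || huge < base || huge % base != 0)
        return -1;
    for (unsigned long long n = huge / base; n > 1; n >>= 1) {
        if (n & 1)
            return -1;          /* ratio is not a power of two */
        order++;
    }
    return order;
}

/* PATCH[1]: the page cache never uses an order above what xarray supports. */
static int max_pagecache_order(int preferred)
{
    return preferred < MAX_XAS_ORDER ? preferred : MAX_XAS_ORDER;
}

/* 1 when a PMD-sized folio is larger than xarray supports, else 0. */
static int pmd_exceeds_xarray(unsigned long long base, unsigned long long huge)
{
    return pmd_order(base, huge) > MAX_XAS_ORDER;
}

int main(void)
{
    /* Constructed sample configurations: base page size, PMD huge page size. */
    const unsigned long long cfg[][2] = {
        { 4ULL << 10, 2ULL << 20 },     /* 4KB / 2MB */
        { 16ULL << 10, 32ULL << 20 },   /* 16KB / 32MB */
        { 64ULL << 10, 512ULL << 20 },  /* 64KB / 512MB, the case on this page */
    };
    for (size_t i = 0; i < sizeof(cfg) / sizeof(cfg[0]); i++) {
        int order = pmd_order(cfg[i][0], cfg[i][1]);
        printf("base=%lluKB pmd_order=%d clamped=%d exceeds_xarray=%d\n",
               cfg[i][0] >> 10, order, max_pagecache_order(order),
               pmd_exceeds_xarray(cfg[i][0], cfg[i][1]));
    }
    return 0;
}
```

Only the 64KB/512MB row reports a PMD order (13) above the modelled xarray limit (11), which is why the WARN_ON() was reachable on that configuration and not on 4KB-page systems.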

This patch significantly improves the Linux kernel's robustness against potential security vulnerabilities arising from improper page cache handling. Users are advised to update their Linux kernel to the latest version to benefit from these improvements.

Timeline

Published on: 08/07/2024 16:15:47 UTC
Last modified on: 08/08/2024 14:53:35 UTC