CVE-2024-53065 - Linux Kernel Vulnerability Resolved: mm/slab Fix for Warning Due to Duplicate kmem_cache Creation in kmem_buckets_create

The Linux kernel recently received a fix for a vulnerability: a warning caused by the creation of a duplicate kmem_cache in kmem_buckets_create. The vulnerability affects users of Linux kernel version 6.12.-rc5mm-unstable-arm64. The issue is resolved in the following commit:

mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create

The issue first appeared when commit b035f5a6d852 ("mm: slab: reduce the kmalloc() minimum alignment if DMA bouncing possible") reduced ARCH_KMALLOC_MINALIGN to 8 on arm64. However, when KASAN_HW_TAGS is enabled, arch_slab_minalign() becomes 16. Consequently, kmalloc_caches[*][8] ends up aliased to kmalloc_caches[*][16], which leads kmem_buckets_create() to try to create a kmem_cache for size 16 twice. The duplicate creation triggers the following warnings on boot:

[boot log warnings truncated]
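The aliasing described above can be reproduced in a small user-space model. This is an added example, not kernel code and not the upstream patch; `create_buckets`, `create_cache`, the `bucket-<size>` names and the `dedup` skip are hypothetical names and assumptions made for illustration.

```c
/* User-space model added for illustration; not kernel code. */
#include <stdio.h>
#include <string.h>

#define NIDX 8  /* slot idx holds the cache for size 1 << idx (slots 3..7) */
struct cache { unsigned int object_size; };

static char names[NIDX][32];  /* names of the caches created so far */
static int nr_names, nr_warnings;

/* Stand-in for cache creation: an already-registered name raises a warning. */
static void create_cache(const char *name)
{
    for (int i = 0; i < nr_names; i++)
        if (strcmp(names[i], name) == 0) { nr_warnings++; return; }
    snprintf(names[nr_names++], sizeof(names[0]), "%s", name);
}

/* Sizes below min_align alias the min_align cache; one create per slot.
 * dedup skips a slot whose cache was already handled. Returns warning count. */
static int create_buckets(unsigned int min_align, int dedup)
{
    struct cache store[NIDX] = {{0}}, *slot[NIDX] = {0};
    int done[NIDX] = {0};
    char name[32];

    nr_names = nr_warnings = 0;
    for (int idx = 3; idx < NIDX; idx++) {
        int real = idx;
        while (real < NIDX - 1 && (1u << real) < min_align)
            real++;               /* round up to the minimum alignment */
        store[idx].object_size = 1u << idx;
        slot[idx] = &store[real];
    }
    for (int idx = 3; idx < NIDX; idx++) {
        int real = (int)(slot[idx] - store);
        if (dedup && done[real])
            continue;
        done[real] = 1;
        snprintf(name, sizeof(name), "bucket-%u", slot[idx]->object_size);
        create_cache(name);
    }
    return nr_warnings;
}

int main(void)
{
    printf("8B align: %d, 16B align: %d, 16B align + dedup: %d\n",
           create_buckets(8, 0), create_buckets(16, 0), create_buckets(16, 1));
    return 0;
}
```

With a minimum alignment of 8 every slot has its own size and no warning fires; at 16 the size-8 slot resolves to the size-16 cache, so the same name is requested twice.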

For the complete context of this issue, refer to the original commit message: Commit b035f5a6d852 - Git Source. In this commit, the developer explains the issue and provides the required patch. With the fix applied, the warning caused by duplicate kmem_cache creation no longer appears on boot, which resolves the vulnerability.

Users running Linux kernel version 6.12.-rc5mm-unstable-arm64 are strongly advised to apply this update to ensure system stability and avoid potential issues caused by this vulnerability.

Timeline

Published on: 11/19/2024 18:15:26 UTC
Last modified on: 11/25/2024 21:04:38 UTC