References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Change History

https://git.kernel.org/stable/c/3a75cb05d53f4a6823a32deb078de1366954a804

https://git.kernel.org/stable/c/ba60fdf75e89ea762bb617be578dc47f27655117

https://git.kernel.org/stable/c/fe7e008e0ce728252e4ec652cceebcc62211657c

In the Linux kernel, the following vulnerability has been resolved:

mm: cachestat: fix folio read-after-free in cache walk

In cachestat, we access the folio from the page cache's xarray to compute
its page offset, and check for its dirty and writeback flags.  However, we
do not hold a reference to the folio before performing these actions,
which means the folio can concurrently be released and reused as another
folio/page/slab.

Get around this altogether by just using xarray's existing machin

Linux https://git.kernel.org/stable/c/3a75cb05d53f4a6823a32deb078de1366954a804 [No types assigned]

Linux https://git.kernel.org/stable/c/ba60fdf75e89ea762bb617be578dc47f27655117 [No types assigned]

Linux https://git.kernel.org/stable/c/fe7e008e0ce728252e4ec652cceebcc62211657c [No types assigned]