References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Change History

https://git.kernel.org/stable/c/682886ec69d22363819a83ddddd5d66cb5c791e1

https://git.kernel.org/stable/c/b0fdabc908a7f81d12382c87ca9e46a9c2e14042

In the Linux kernel, the following vulnerability has been resolved:

mm: zswap: fix shrinker NULL crash with cgroup_disable=memory

Christian reports a NULL deref in zswap that he bisected down to the zswap
shrinker.  The issue also cropped up in the bug trackers of libguestfs [1]
and the Red Hat bugzilla [2].

The problem is that when memcg is disabled with the boot time flag, the
zswap shrinker might get called with sc->memcg == NULL.  This is okay in
many places, like the lruvec operations.  

kernel.org https://git.kernel.org/stable/c/682886ec69d22363819a83ddddd5d66cb5c791e1 [No types assigned]

kernel.org https://git.kernel.org/stable/c/b0fdabc908a7f81d12382c87ca9e46a9c2e14042 [No types assigned]