Linux · Linux Kernel · CVE-2024-50096
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A security issue has been identified in the `nouveau/dmem` component of the Linux kernel. The `nouveau_dmem_copy_one` function does not track whether the copy push command was executed successfully. If the copy fails, for example because of a firmware or hardware failure, a dirty `HIGH_USER` page that may contain sensitive or corrupted data may be returned to the user. To mitigate this, a zero page is allocated so that a non-dirty page is returned in case of an error.
Recommendations:
To prevent this vulnerability, allocate a zero page to ensure that in case of an error, a non-dirty (zero) page will be returned to the user.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
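The failure mode and the zero-page mitigation described above, as an added userspace model in C; it is not the kernel's or the nouveau driver's code. Every name in it (`model_alloc_page`, `model_copy_one`, `scenario`) and the `0xA5`/`0x11` fill values are constructed for illustration.

```c
/* Userspace model with hypothetical names; not the nouveau driver's code. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#define PAGE_SZ 4096
/* Constructed stand-in for a recycled page frame holding a previous owner's data. */
static unsigned char frame[PAGE_SZ];

/* Page allocation model: hand out the recycled frame, zeroed only on request. */
static unsigned char *model_alloc_page(bool zeroed)
{
    if (zeroed)
        memset(frame, 0, PAGE_SZ);
    return frame;
}
/* Copy push model: returns 0 once queued; execution status is never reported. */
static int model_copy_one(unsigned char *dst, const unsigned char *src, bool device_ok)
{
    if (device_ok)
        memcpy(dst, src, PAGE_SZ);
    return 0;
}

/* Bytes in the returned page that are neither zero nor the intended source data. */
static size_t stale_bytes(const unsigned char *page, const unsigned char *src)
{
    size_t n = 0;
    for (size_t i = 0; i < PAGE_SZ; i++)
        n += (page[i] != 0 && page[i] != src[i]);
    return n;
}

/* One migration back to RAM: the frame starts as 0xA5, device memory holds 0x11. */
static size_t scenario(bool zeroed, bool device_ok)
{
    static unsigned char vram[PAGE_SZ];
    memset(frame, 0xA5, PAGE_SZ);
    memset(vram, 0x11, PAGE_SZ);
    unsigned char *dst = model_alloc_page(zeroed);
    if (model_copy_one(dst, vram, device_ok) != 0)
        return 0; /* never taken: the model always reports success */
    return stale_bytes(dst, vram);
}

int main(void)
{
    printf("failed copy, plain page:  %zu stale bytes\n", scenario(false, false));
    printf("failed copy, zeroed page: %zu stale bytes\n", scenario(true, false));
    return 0;
}
```

In the model, the caller cannot tell a failed copy from a successful one, so zeroing at allocation time is the only thing that keeps the previous owner's bytes out of the returned page.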