CVE-2024-42243

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.40/6.9.9

Description The vulnerability is related to the Linux kernel's file mapping functionality, specifically with the xarray data structure. The issue arises because xarray cannot support arbitrary page cache sizes, leading to a potential denial-of-service (DoS) condition when a WARN ON statement is triggered in the xas split alloc function. This can occur on systems with a base page size of 64KB and a huge page size of 512MB. The vulnerability was reported a long time ago, and discussions about it can be found on the Linux-XFS mailing list. To fix the issue, adjustments to MAX PAGECACHE ORDER are necessary to make it compatible with xarray, and PMD-sized page caches should be avoided if needed.

Recommendations To resolve the issue, apply the patch series "mm/filemap: Limit page cache size to that supported by xarray", v2, which includes the following patches: