CVE-2024-35877

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.7.5-100.fc38.x86 64

Description The vulnerability is related to the handling of VM PAT in COW mappings. PAT handling won't do the right thing in COW mappings, where the first PTE can be replaced during write faults to point at anon folios. This can lead to memory leaks or incorrect memory freeing. The issue is triggered when using the follow phys() function, which may return the address and protection of the anon folio or fail on swap/nonswap entries. To fix this, the follow phys() function has been updated to refuse returning anon folios and fallback to using the stored PFN inside vma->vm pgoff for COW mappings.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the VM PAT handling in COW mappings, such as version 6.7.5-100.fc38.x86 64 or later.

Note: The provided information does not specify the exact version that includes the fix, so it is recommended to update to the latest available version.