TA0048 - Kernel Security Patch for Memory Management
This technical advisory addresses the issue where the hfi1 driver enables a character device that users open through normal file system methods. When the file is opened, a pointer to the current->memory management (mm) is saved in the private data for the file handle. This is then used for input/output control (IOCTL) and write_iter() commands from the user for pinning and unpinning of memory on behalf of the user. The saved value is remembered in an attempt to handle the case where the context (current) value that calls the close on the file—such as being killed by a signal or Out Of Memory (OOM) killer—is different than the original user.
Type: Technical Advisory
Release Version:
Operating System:
Release Date:
Revision:
File Size: 195.04 KB
File Type: pdf
Publish Date: May 10, 2021
Last Updated: N/A