bdebd6a283
remap_vmalloc_range() has had various issues with the bounds checks it promises to perform ("This function checks that addr is a valid vmalloc'ed area, and that it is big enough to cover the vma") over time, e.g.: - not detecting pgoff<<PAGE_SHIFT overflow - not detecting (pgoff<<PAGE_SHIFT)+usize overflow - not checking whether addr and addr+(pgoff<<PAGE_SHIFT) are the same vmalloc allocation - comparing a potentially wildly out-of-bounds pointer with the end of the vmalloc region In particular, since commit |
||
---|---|---|
.. | ||
auxdisplay | ||
binderfs | ||
bpf | ||
configfs | ||
connector | ||
ftrace | ||
hidraw | ||
hw_breakpoint | ||
kdb | ||
kfifo | ||
kobject | ||
kprobes | ||
livepatch | ||
mei | ||
mic/mpssd | ||
pidfd | ||
pktgen | ||
qmi | ||
rpmsg | ||
seccomp | ||
timers | ||
trace_events | ||
trace_printk | ||
uhid | ||
v4l | ||
vfio-mdev | ||
vfs | ||
watchdog | ||
Kconfig | ||
Makefile |