Description

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix shrinker NULL crash with cgroup_disable=memory Christian reports a NULL deref in zswap that he bisected down to the zswap shrinker. The issue also cropped up in the bug trackers of libguestfs [1] and the Red Hat bugzilla [2]. The problem is that when memcg is disabled with the boot time flag, the zswap shrinker might get called with sc->memcg == NULL. This is okay in many places, like the lruvec operations. But it crashes in memcg_page_state() - which is only used due to the non-node accounting of cgroup's the zswap memory to begin with. Nhat spotted that the memcg can be NULL in the memcg-disabled case, and I was then able to reproduce the crash locally as well. [1] https://github.com/libguestfs/libguestfs/issues/139 [2] https://bugzilla.redhat.com/show_bug.cgi?id=2275252

INFO

Published Date :

2024-05-17T14:47:25.503Z

Last Modified :

2025-05-04T09:06:43.875Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-35846 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-35846.

URL Resource
https://git.kernel.org/stable/c/682886ec69d22363819a83ddddd5d66cb5c791e1 cve-icon cve-icon
https://git.kernel.org/stable/c/b0fdabc908a7f81d12382c87ca9e46a9c2e14042 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35846-d8bf@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-35846 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-35846 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact