Description

In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the start of the function. The "arg->vec_len * sizeof(struct page_region))" multiplication can lead to integer wrapping. Use size_mul() to avoid that. Also the size_add/mul() functions work on unsigned long so for 32bit systems we need to ensure that "arg->vec_len" fits in an unsigned long.

INFO

Published Date :

2024-12-02T13:44:39.811Z

Last Modified :

2025-10-01T20:17:11.772Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-53107 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53107.

URL Resource
https://git.kernel.org/stable/c/669b0cb81e4e4e78cff77a5b367c7f70c0c6c05e cve-icon cve-icon
https://git.kernel.org/stable/c/adee03f8903c58a6a559f21388a430211fac8ce9 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024120247-CVE-2024-53107-4f83@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-53107 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-53107 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact