CVE-2022-50271

Description

In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, and kmalloc seems to fail to try to allocate 32 32kB regions. vhost-5837: page allocation failure: order:4, mode:0x24040c0 Call Trace: [<ffffffffb6a0df64>] dump_stack+0x97/0xdb [<ffffffffb68d6aed>] warn_alloc_failed+0x10f/0x138 [<ffffffffb68d868a>] ? __alloc_pages_direct_compact+0x38/0xc8 [<ffffffffb664619f>] __alloc_pages_nodemask+0x84c/0x90d [<ffffffffb6646e56>] alloc_kmem_pages+0x17/0x19 [<ffffffffb6653a26>] kmalloc_order_trace+0x2b/0xdb [<ffffffffb66682f3>] __kmalloc+0x177/0x1f7 [<ffffffffb66e0d94>] ? copy_from_iter+0x8d/0x31d [<ffffffffc0689ab7>] vhost_vsock_handle_tx_kick+0x1fa/0x301 [vhost_vsock] [<ffffffffc06828d9>] vhost_worker+0xf7/0x157 [vhost] [<ffffffffb683ddce>] kthread+0xfd/0x105 [<ffffffffc06827e2>] ? vhost_dev_set_owner+0x22e/0x22e [vhost] [<ffffffffb683dcd1>] ? flush_kthread_worker+0xf3/0xf3 [<ffffffffb6eb332e>] ret_from_fork+0x4e/0x80 [<ffffffffb683dcd1>] ? flush_kthread_worker+0xf3/0xf3 Work around by doing kvmalloc instead.

References

https://git.kernel.org/stable/c/e6d0152c95108651f1880c1ddfab47cb9e3e62d0

https://git.kernel.org/stable/c/e28a4e7f0296824c61a81e7fd54ab48bad3e75ad

https://git.kernel.org/stable/c/b4a5905fd2ef841cd61e969ea692c213c2e5c1f7

https://git.kernel.org/stable/c/a99fc6d818161d6f1ff3307de8bf5237f6cc34d8

https://git.kernel.org/stable/c/7aac8c63f604e6a6a46560c0f0188cd0332cf320

https://git.kernel.org/stable/c/36c9f340c60413e28f980c0224c4e9d35851526b

https://git.kernel.org/stable/c/0e3f72931fc47bb81686020cc643cde5d9cd0bb8

https://git.kernel.org/stable/c/0d720c3f0a03e97867deab7e480ba3d3e19837ba

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS