Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Validate node_id in arena_alloc_pages() arena_alloc_pages() accepts a plain int node_id and forwards it through the entire allocation chain without any bounds checking. Validate node_id before passing it down the allocation chain in arena_alloc_pages().
Product status
317460317a02a1af512697e6e964298dedd8a163 (git) before 31d3b4b28e55835646d6829d60023f730dd34e85
317460317a02a1af512697e6e964298dedd8a163 (git) before e15900888c09480a4c632bc598f1c5bd39bed6d6
317460317a02a1af512697e6e964298dedd8a163 (git) before fb66e20130f95a93ffea1677252526a9e39170b2
317460317a02a1af512697e6e964298dedd8a163 (git) before 2845989f2ebaf7848e4eccf9a779daf3156ea0a5
6.9
Any version before 6.9
6.12.91 (semver)
6.18.33 (semver)
7.0.10 (semver)
7.1 (original_commit_for_fix)
References
git.kernel.org/...c/31d3b4b28e55835646d6829d60023f730dd34e85
git.kernel.org/...c/e15900888c09480a4c632bc598f1c5bd39bed6d6
git.kernel.org/...c/fb66e20130f95a93ffea1677252526a9e39170b2
git.kernel.org/...c/2845989f2ebaf7848e4eccf9a779daf3156ea0a5