CVE-2021-47649
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf->pagecount Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The problem was in ubuf->pages == ZERO_PTR. ubuf->pagecount is calculated from arguments passed from user-space. If user creates udmabuf with list.size == 0 then ubuf->pagecount will be also equal to zero; it causes kmalloc_array() to return ZERO_PTR. Fix it by validating ubuf->pagecount before passing it to kmalloc_array().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected fbb0de795078190a9834b3409e4b009cfb18a6d4 - < 5d50f851dd307c07ca5591297093f19967c834a9affected fbb0de795078190a9834b3409e4b009cfb18a6d4 - < b267a8118c2b171bf7d67b90ed64154eeab9fae0affected fbb0de795078190a9834b3409e4b009cfb18a6d4 - < 811b667cefbea9cb7511a874b169d6a92907137eaffected fbb0de795078190a9834b3409e4b009cfb18a6d4 - < a3728d32fc61eb0fe283cb8ff60b2c8f751e2202affected fbb0de795078190a9834b3409e4b009cfb18a6d4 - < 9e9b4a269f84d3230f2af84ff42322db676440d9+1 more versions |
Linux | Linux | affected 4.20unaffected 0 - < 4.20unaffected 5.4.189 - <= 5.4.*unaffected 5.10.110 - <= 5.10.*unaffected 5.15.33 - <= 5.15.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now